SN 884: TLS Private Key Leakage

Beep boop - this is a robot. A new show has been posted to TWiT…

What are your thoughts about today’s show? We’d love to hear from you!

On the topic of domain ownership I was always under the assumption that ICANN already provide the mechanism to assign ownership through defining the contact information of one of four roles.

The Organization Contact is the registrant or legal owner of the domain name. This can be an individual or an organization.

The Admin Contact will receive notifications regarding the domain name expiration and will need to approve any transfers for the domain name. This is also the contact listed with the Whois database unless Direct Privacy is enacted.

The Technical Contact is responsible for maintaining and updating the DNS name servers associated with the domain name.

The Billing Contact is responsible for accounting issues associated with the domain name, including payment for the domain name’s license and renewals.

Whenever I’ve had to register a domain I would fill the organization and billing info with my clients and admin and technical with my own contact info. The only time billing wouldn’t be the owner’s info was when there was an agreement made between myself and the owner that the funds were pre allocated and provided prior that I would be responsible for disbursing in a prearranged manner and limited by the scope of agreement and funds provided to stay in compliance to the life span of the agreement.

Of course that info is set by the person who has access at the registrar - usually the person who paid for it. Can you use the contact info to request transfer of the domain to your account if the owner disappears?

I believe so, depending on who is assigned as what they all have different ways of creating a transfer path, some take longer than others. If the admin disappears the organization can still get control but it requires 30 days to pass where when the admin contact is reached out to if they don’t respond then it opens a path for the organization to render a rewrite decision of the records to a new admin. Then it will take an additional 60 days before a transfer can be requested if a rewrite of records takes place.