Recently I received a comment on the blog for an article written about .RU registry.
Comment: Clause 9.6.2 IS NOT requires mandatory verification, it is just states the list of data, which is kept in registry. It is similar to 3.3 clause of ICANN’s RAA2013.
Time-frame for clause 9.3.7 is NOT one year, it is 7 days (compare to 15 days of RAA2013) after registrar’s request to update/confirm data.
Ans: According to .Ru Registry terms and conditions : 9.3.5. The Administrator shall execute the request to provide clarifications and documents within 7 (seven) days from the date of dispatch of the request by the Registrar. The Registrar shall have the right to establish an additional timeline for submission of supporting documents upon the Administrator’s substantiated request.
This means that once the Registrar has sent in a request for documents – Within 7 days the admin should provide clarifications/documents. However, the time period of 1 year still remains for the registrar to verify the details.
Re: ICANN 2013 RAA
3.7.7.2 A Registered Name Holder’s willful provision of inaccurate or unreliable information, its willful failure to update information provided to Registrar within seven (7) days of any change, or its failure to respond for over fifteen (15) days to inquiries by Registrar concerning the accuracy of contact details associated with the Registered Name Holder’s registration shall constitute a material breach of the Registered Name Holder-registrar contract and be a basis for suspension and/or cancellation of the Registered Name registration.
This again mentions the response time by the registrant to the request by registrar and the registrars subsequent action.
Comment: And, of cause, domain is suspended immediately (well, sort of) after request of competent organization (https://cctld.ru/en/registrators/competent/ , but Russian variant https://www.cctld.ru/ru/registrators/competent/ is more populated). Please note, that such complaint should contain proofs (not just – “There are dragons!”-type complaints, which is loved to be used by Spamhaus-like organizations).
This is one point which is very important to assist the Registrars, Web-Server/VPS providers and security researchers HAVE to provide complete evidence in form of pcap files, or online links which provide the analysis eg. wepawet, malwr sandbox analysis, screenshots. One can go through this forum post on kernelmode.info about the method required to nail a particular IP address or Domain Name.
1 Comments
mindego
Sorry, it it looks like I missed something in previous comment. First of all, English version of cctld.ru contains outdated domain registration rules.
Current version in Russian is available here:
http://cctld.ru/files/pdf/docs/rules_ru-rf.pdf?v=2
Domain registration rules, however, have never forced domain owner or registrar to verify data. 9.3.9 clause of domain registration rules is just force registrar to send _reminder_ to domain name holder, similar to ICANN’s “Whois Data Reminder Policy” (http://www.icann.org/en/resources/registrars/consensus-policies/wdrp)