For Sale auth codes

[6sons]

Has anyone been given this web address in order to obtain an auth code?

https://services.cira.ca/DotCaManager/dcm/home.action

This is what Sibername.com gave me and I couldnt login but received an authentication error.

 

[silentg]

You tried to log-in using the CIRA user ID & password?
(This is different from your Sibername userid and pwd)

 

[6sons]

You tried to log-in using the CIRA user ID & password?
(This is different from your Sibername userid and pwd)

Yes..cira. I tried all 3 of our company u/p and none worked. Did you try to login?

 

[silentg]

It's not working for me either. I can't even manage .ca domains at Sibername due to Maintenance.

 

[liberator]

That is the link for the registrars who manually want to administer their clients domains, I have no idea why Sibername would give you that link. At least this is my understanding from communications with CIRA

 

[6sons]

It must be growing pains. Apparently their site will be ready to serve up auth codes by 11am today.

 

[whitebark]

It must be growing pains. Apparently their site will be ready to serve up auth codes by 11am today.

Let's hope so because I have a big deal being held up at the moment waiting for registrars to get their act together.

 

[Spex]

I contacted an end user and Godaddy to get them to process the RANT transfer and to remove my info from a name I sold in August (and pushed from my account at Namespro to the buyer's account at GoDaddy)

And all GoDaddy did was send me the auth code

 

[msn]

I contacted an end user and Godaddy to get them to process the RANT transfer and to remove my info from a name I sold in August (and pushed from my account at Namespro to the buyer's account at GoDaddy)

And all GoDaddy did was send me the auth code

Congratulations, you own the domain. As Webnames.ca told us yesterday, if we allowed a registrar transfer over to them, whoever has the code can then take then domain registration, regardless of the actual registrant according to the WHOIS at CIRA.

 

[Spex]

So since it's in his Godaddy account, under his control (he's already got a site up and running on a new DNS), and I have the auth codes I can technically transfer it back to my Namespro account?

Wow, that's sick. Hope these blackholes get fixed ASAP

 

[fwdtech]

Congratulations, you own the domain. As Webnames.ca told us yesterday, if we allowed a registrar transfer over to them, whoever has the code can then take then domain registration, regardless of the actual registrant according to the WHOIS at CIRA.

WOW !

(How did the buyer get access to the account?)

 

[CanSpace]

The auth code does indeed allow you full control over the domain. It's assumed only the registrant will have access to it.

CIRA recommends that after a registrar transfer, the new registrar changes the auth code immediately (to avoid the situation Spex described above, where the previous registrant can just transfer it back).

 

[theinvestor]

That's a big issue don't you think?

 

[CanSpace]

I don't necessarily think so. It's like saying someone who has your email account password has access to your email account - it pretty much goes without saying.

As a process, registrars should automatically update auth codes after a transfer.

 

[msn]

WOW !

(How did the buyer get access to the account?)

This is the key part of what Webnames.ca did: since the 'buyer'-to-be paid for the registrar transfer, Webnames.ca decided to give them the account login and password and to withhold it from us. In legal terms, Webnames.ca itself actively participated in conversion.

 

[fwdtech]

This just gets better and better.

We've be waiting to do a regisRANT transfer since Wednesday, and have given up on Sibername. (although they did manually send us the auth. code today).

So we decide to transfer to namespro.

Namespro says to:

1. Obtain auth. code from present registrar.
2. Ask registrar to unlock domain.

Then, email auth. code to namespro.


So, it's all done manually, hoping that the registrar unlocks the domain when we ask - AND THEN, we just give the auth. code out.

Does anyone think is a great system?

Perhaps the CIRA shills can come back online and defend this absolute joke.

 

[msn]

That is insane! We just saw Webnames.ca aid and abet a hijacking of our domain by using an Auth Code we never even got, and a registrar wants you to hand it over for a look-around?

Someone at CIRA needs to hit rewind here and quickly.