Jump to content

Registrant: Difference between revisions

From ICANNWiki
Jessica (talk | contribs)
Jessica (talk | contribs)
 
Line 23: Line 23:
===[[cybercrime|Common Scams]]===
===[[cybercrime|Common Scams]]===
*Impersonating ICANN or an ICANN-accredited registrar, and sending fake renewal emails in an attempt to collect a payment.
*Impersonating ICANN or an ICANN-accredited registrar, and sending fake renewal emails in an attempt to collect a payment.
*Conducting [[phishing]] attacks that trick registrants into revealing login information to try and take control of the domain.
*Conducting [[phishing]] attacks that trick registrants into revealing login information to try and [[Domain Name Hijacking|take control of the domain]].
*Convincing you via fraudulent means to buy a domain name under a different top-level domain name at a higher price.<ref>[https://www.icann.org/en/system/files/files/help-keep-domain-name-secure-30sep20-en.pdf Domain Name Security, ICANN Org]</ref>
*Convincing you via fraudulent means to buy a domain name under a different top-level domain name at a higher price.<ref>[https://www.icann.org/en/system/files/files/help-keep-domain-name-secure-30sep20-en.pdf Domain Name Security, ICANN Org]</ref>
===[[Compromised Domain]]s===
===[[Compromised Domain]]s===
A compromised website indicates that a [[Threat Actor]] has control over the website and is not the official registrant of the domain itself. A domain name that has been registered for a legitimate or benign purpose but whose website has been compromised will generally have:
A compromised website indicates that a [[Threat Actor]] has control over the website and is not the official registrant of the domain itself. A domain name that has been registered for a legitimate or benign purpose but whose website has been compromised will generally have:

Latest revision as of 18:55, 5 April 2022

A registrant is a person, company, or entity that registers a Second Level Domain Name (SLD) through a Registrar. A registrant pays a yearly fee to the Registrar in order to own or license the SLD. The registrant may maintain the domain by paying the fee, let the domain expire by not paying the renewal fee, or sell the domain to another registrant in an auction, trade, or private deal. Upon registration of a domain name, a registrant enters into a contract, which describes the terms under which the registrar agrees to register and maintain the requested name. To modify a setting, a registrant submits the changes to the registrar, and the registrar sends the change to the registry. In the eyes of ICANN, registrants have the same rights and responsibilities as domainers.

Rights[edit | edit source]

  • Registrants can review their Registration Agreement at any time and are entitled to accurate and accessible information about
    • the identity of the ICANN Accredited Registrar;[1]
    • any proxy or privacy service provider affiliated with the Registrar;
    • the Registrar's terms and conditions, including pricing information;
    • customer support services;
    • how to access them and how to raise concerns and resolve disputes with the Registrar or any privacy services offered by them; and
    • instructions and explanation of the Registrar's processes for registering, managing, transferring, renewing, and restoring the domain name registration(s) in question, including through any proxy or privacy services.
  • registrants shall not be subject to false advertising or deceptive practices by the Registrar or any proxy or privacy services. This includes deceptive notices, hidden fees, or any practices that are illegal under the consumer protection law of the registrant’s residence.

Responsibilities[edit | edit source]

Registrants also have the following responsibilities:

  • comply with the terms and conditions posted by your Registrar, including applicable policies from the Registry and ICANN;
  • review the Registrar's current Registration Agreement, along with any updates;
  • assume sole responsibility for the registration and use of the domain name in question;
  • provide accurate information for publication in directories such as WHOIS, and promptly update the information to reflect any changes;
  • respond to inquiries from the Registrar within 15 days, and keep the Registrar account data current; and
  • keep the payment information current if the registrant chooses to have the domain name registration renew automatically.[2]

WHOIS[edit | edit source]

Main Article: WHOIS
The registrant of any particular domain name can be accessed via WHOIS. This means that when registering a domain name, the registrant must provide contact details such as email, name, mailing address, and phone number for the registrant, the administrator, and the technology officer, which may or may not be the same person. Alternatively, some Registrars provide WHOIS privacy protection, which inserts generic Registrar contact details instead of registrant information, in exchange for a monthly fee.

Security[edit | edit source]

Common Scams[edit | edit source]

  • Impersonating ICANN or an ICANN-accredited registrar, and sending fake renewal emails in an attempt to collect a payment.
  • Conducting phishing attacks that trick registrants into revealing login information to try and take control of the domain.
  • Convincing you via fraudulent means to buy a domain name under a different top-level domain name at a higher price.[3]

Compromised Domains[edit | edit source]

A compromised website indicates that a Threat Actor has control over the website and is not the official registrant of the domain itself. A domain name that has been registered for a legitimate or benign purpose but whose website has been compromised will generally have:

  • viewable content related to the domain name,
  • been renewed or registered for longer than 1 year, and
  • a content management system (like Wordpress) that is visible in the URL.[4]

References[edit | edit source]