From: Larry Bloch 
Sent: Thursday, 12 August 2004 12:12 AM
To: jo.lim@auda.org.au
Subject: Issues Paper - Names Panel. NetRegistry Submission

Jo,

Please accept this as an official submission as part of the public consultation process of the 
auDA Name Policy Review Panel.

As one of the largest auDA Accredited Registrars NetRegistry has a wealth of experience in how 
the current policy works in practice. The current policy has considerable merit and in general 
works well. However, there are aspects of the current policy that in practice are counter 
productive do not ensure the desired outcome. In responding to the stated issues, I try to suggest 
outcomes that work in practice while keeping as close to the original policy intent as practical.

1.1 Verification of registrant identity works in practice and serves a useful purpose of ensuring 
.au is populated with known registrants. However, registrars need better access to the ASIC and 
ABR databases, as the current access via web pages is unreliable and quite frankly not the way to 
do this. auDA must negotiate access via XML or another suitable protocol or risk the policy being 
unworkable. In particular, the ASIC website is frequently overloaded and unavailable, and consumers 
suffer delays as a result.

I do not support using addresses as this is almost impossible to verify programmatically and we 
should be moving towards objective, machine determinable criteria and away from subjective human 
checks.

1.2 Allowing non-Australian businesses to register in .com.au is desirable as there are many that 
have an Australian presence or wish to protect their intellectual property in Australia. Using their 
local registries for verification is unworkable, as there are too many countries. I suggest that 
auDA (or another body authorised by auDA to do so) establishes a registry of such foreign companies. 
This registry would then become an authoritative source for registrars. auDA could set the 
requirements (eg: certificate of registration on file, their reason for wanting a .au, contact 
details that they MUST keep up to date at all times or risk losing the name, etc). This registry 
would charge the foreign company for the verification process. As a result, verification would be 
standardized and authoritative, the foreign company registry would present to registrars much as 
ASIC/ABR does, there would be no real change to registrar procedures, and auDA may even see some 
sort of new revenue stream either from charging per entry to the foreign company registry , or a 
licence fee for the registry authority.

1.3 Without renewals charged at transfer (a good thing) long registration periods could see registrars 
providing free service for a long time at no cost. However, to place further barriers to the renewal 
scammers and to assist companies who want other periods, 1, 3, 4 year registrations should be allowed. 
In addition, any registrant should be able to bring their renewal date forward i.e.: they should be 
able to nominate an expiry date within their current licence period. This would not result in any 
refund to them - they would simply lose the period they chop off their licence, but it would enable 
registrants to harmonise their renewal dates which is desirable for those registrants that have a 
number of names (which is most). In combination with 1 year renewals, it would not result in too much 
licence period being given up.

The statement about 2 year periods helping the scamming situation is just plainly wrong. Scammers use 
the knowledge that all names renew every two years to calculate likely expiry dates. Allowing 1 year 
renewals and shortening the licence period at will further assist consumers avoid renewal scams, as 
they will be more aware of their expiry dates (if they select one) and will notice scam notices as a 
result.

1.4 Compliance with RFC 1535 is unnecessary. That is a fact as many registries allow this without any 
ill effect.

2.1 net.au is dying. It is not well supported and is a poor second choice. auDA must choose to either 
support it by removing restrictions (thereby making it attractive to those that do not have an ABN for 
example) or simply let it be that poor second choice. Perhaps an option is to maintain the requirement 
for registrant identity verification, but allow any properly identified registrant to use any name they 
wish.

2.2 We regularly deal with registrant who are not catered for under the current policy. There is a huge 
body of Australians who have a legitimate need for a .au domain name but have not been provided a home 
in .au. They simply register in .com, .net or .org. These people basically want a .org of some sort 
(org.au first, but .org because they can't get .org.au). It is a shame that the current policy deems 
unregistered registrants such as clubs, groups, unincorporated associations, bands, etc fit only for 
.asn.au (which is basically totally unsupported, unrecognised, and ultimately irrelevant) because they 
overwhelmingly don't want .asn.au (and nor would I...and at a guess, nor would any of the panel members). 
.org.au should have its policy amended to match the .asn.au policy. This would bring it in line with 
community expectations.

The Australian public do not in my opinion consider a fund raising .org.au company as legitimate because 
they have an org.au name. Like any marketing material they may be presented with, that judgement is made 
on the basis of their experience and their feel for what they see and read, if not by calling the entity 
up. 

In fact, I doubt the general public have a clue that .au domain names must be registered entities in 
general. That they are registered assists in tracking and identifying scammers/fraudsters, not in 
legitimising .au websites. After all, only about 300,000 Australians out of 20m know you need an ABN/CAN 
etc. And fewer than 5,000 (at a guess) would know you need to be a registered non-profit to be in 
.org.au.

3.1, 3.2 These criteria are simply a waste of everybody's time and serve no purpose whatsoever. It is 
clear from practice that a suitably qualified registrant (with an ABN/CAN) can have whatever name they 
like by selecting one of the various criteria to suit their circumstance. There have been almost no 
challenges to these criteria, despite many being picked almost at random. A simple warrant that the name 
is to be used for a legitimate purpose related to the business would suffice. This warrant may include 
that it is not to be used for a list of ineligible purposes (such as extorting money from a brand owner 
or other cyber squatting, on selling, defamation, illegal purposes etc). It would simplify things for 
everyone (auDA included), remove THE MAJOR source of registrant confusion, meet registrant expectations 
and do away with a policy that in practice is broken more often than it is adhered to.

There are still registrants out there that are registering business names purely for the purpose of 
having a close and substantial match. This particular policy is in practice a nonsense and every 
registrar will tell you so. Doing away with it loses nothing, gains much and is to be recommended.

3.3 id.au policy should allow any name to be registered with a warrant that the name is to be used for 
non-commercial, personal, non-illegal, non-cyber squatting, non-resale etc use.


Regards

Larry Bloch
Chief Executive Officer
NetRegistry Pty Ltd