Fabulous auto renew (6.Viewing)
- Topic Starter rlm
- Start date
- Replies: Replies 93
- Views: Views 4,645
DomainTrader
DomainTrader.com
DomainTrader
DomainTrader.com
Wow
DomainTrader
DomainTrader.com
Great questions@richard.schreier , question for you... What liability does a registrar have to a domain owner in the following situations?
1. you told them to auto-renew, but they didn't do it, and let the domain expire.
or
2. you paid for a renewal, they gave you the receipt confirming the renewal was paid, but they didn't actually renew it, and subsequently let the domain expire.
In either case, does a registrar have any liability to the owner for their mistake, and if so, what is that liability?
Thanks!
DomainTrader
DomainTrader.com
DomainTrader
DomainTrader.com
That's total BULL what the hell is with all these registrars lately
DomainTrader
DomainTrader.com
I said wow too early! Lol wow
I kinda suspected this was the case, but I have now confirmed it to be 100% true. A registrar (MyID) screwed the pooch big time, with domains that had been supposedly PAID FOR AND WITH RECEIPTS, allowed to expire anyways, and those domains then dropped in last weeks TBR. And of course some of those domains were subsequently re-registered and auctioned off. I know of at least two different domain owners that were affected, and the registrar behind the mess is MyID. Not only did they allow customer domains to expire (after they collected the renewal payment and issued a receipt), to add insult to injury, they recaptured some of the domains, then auctioned them off to other customers! What a great business, eh? Charge your client to renew a domain, pocket the funds, let the domain expire anyway, re-capture the domain in TBR, then auction it off again to some other domainer?
When you get a chance can you:
Let us all know what liability a registrar has to a customer in this situation?
Who would CIRA consider the rightful owner?
Will CIRA try to rectify the situation by recovering the improperly lost domains for the original owner?
Will CIRA sanction a registrar for not taking due care and safety with customer assets?
We have_receipts from MyID showing the domains were paid for and that the domains were supposedly renewed...
While I'm sure this wasn't intentional, it is progrommatically trivial to confirm that a renewal actually took place. Any registrar that cannot guarantee that much should not be a registrar. And there should be some help by CIRA to the rightful owner who lost domains, and some consequence to the registrar.
Thanks for any assistance and clarity to this situation.
mikeyboy
Member
- Joined
- Oct 28, 2021
- Topics
- 53
- Posts
- 213
- Likes
- 167
wow.. trippie
rlm
Bonfire.ca
BIG SCARY UPDATE:
New information has been discovered. And maybe this is an unthinkable situation. This may not be MyID's fault after all. It could be CIRA's fault??? If so, I will profusely apologize to MyID (although I'm still not happy with MyID's response to the situation). You would think that in a transaction between MyID and CIRA that if anything went wrong, it would have been MyID to blame and not CIRA.
But get this: The owner of one of the mysteriously renewed-yet-deleted domain names found the email from CIRA stating that the domain name HAD BEEN REDEEMED (i.e. renewed) on Jan 3, 2023. So MyID claimed to have accepted payment, and renewed the domain, and their systems reported back a success. And that now seems to be somewhat confirmed by the fact that CIRA sent the "redeemed" email out to the owner. Yet the domain mysteriously was deleted and released in TBR in February anyway.
The only way I can see that happening is if:
A) CIRA screwed up, responded with success to MyID's request to renew the domain, sent out the "redeemed" email message, yet did NOT actually renew the domain. The domain then went through the normal delay between expiry and TBR (49 days later).
B) The renewal was successful, but either MyID or CIRA subsequently sent a "delete" command to CIRA and deleted the domain from the registry, thus pushing it into TBR.
Scenario A seems more likely.
So the question is, how many times has this happened before? Is MyID the only affected registrar? If so, why?? Have we uncovered a CIRA bug? Was this some one time anomaly at CIRA?
That is a scary thought, you could renew a domain, your registrar thinks it renewed, you get a receipt that it was renewed, they report to you in their interface that it was renewed, and even CIRA sends you a message that it was renewed. AND YET YOUR DOMAIN GOES TO TBR!!!
New information has been discovered. And maybe this is an unthinkable situation. This may not be MyID's fault after all. It could be CIRA's fault??? If so, I will profusely apologize to MyID (although I'm still not happy with MyID's response to the situation). You would think that in a transaction between MyID and CIRA that if anything went wrong, it would have been MyID to blame and not CIRA.
But get this: The owner of one of the mysteriously renewed-yet-deleted domain names found the email from CIRA stating that the domain name HAD BEEN REDEEMED (i.e. renewed) on Jan 3, 2023. So MyID claimed to have accepted payment, and renewed the domain, and their systems reported back a success. And that now seems to be somewhat confirmed by the fact that CIRA sent the "redeemed" email out to the owner. Yet the domain mysteriously was deleted and released in TBR in February anyway.
The only way I can see that happening is if:
A) CIRA screwed up, responded with success to MyID's request to renew the domain, sent out the "redeemed" email message, yet did NOT actually renew the domain. The domain then went through the normal delay between expiry and TBR (49 days later).
B) The renewal was successful, but either MyID or CIRA subsequently sent a "delete" command to CIRA and deleted the domain from the registry, thus pushing it into TBR.
Scenario A seems more likely.
So the question is, how many times has this happened before? Is MyID the only affected registrar? If so, why?? Have we uncovered a CIRA bug? Was this some one time anomaly at CIRA?
That is a scary thought, you could renew a domain, your registrar thinks it renewed, you get a receipt that it was renewed, they report to you in their interface that it was renewed, and even CIRA sends you a message that it was renewed. AND YET YOUR DOMAIN GOES TO TBR!!!
thats crazy scary. 
I think in that case CIRA would have to do an about face and release the domain back to the proper owner.
Similar to the godaddy emails after you paid for your domain and it's been in your account for a month.
You know the one...
I'm sorry there was a mistake, you have been refunded and the domain has been removed from your account...
Similar to the godaddy emails after you paid for your domain and it's been in your account for a month.
You know the one...
I'm sorry there was a mistake, you have been refunded and the domain has been removed from your account...
DomainTrader
DomainTrader.com
Absolute bull
CIRA made some changes to the domain redemption process that were supposed to be "not significant" shortly before Christmas. It completely broke how we handled the renewal of domains in auto-renew-grace, as we used to delete domains and redeem them to cancel the auto-renewal status, then explicitly renew the domains. IMHO this had a slew of benefits, but I'm an avowed enemy of the whole auto-renewal-process.
Anyhow, after the change, the domains came back from the redemption request in "auto-renew-grace" (with it's extended expiration date) where as previously they would come back without the auto-renewal status and showed their original expiry date.
Anyhow, it clearly broke things at other registrars too, as CIRA came back a few weeks ago (?) suggesting we might have double-renewed some domains (no) and offering to cancel the extra year's renewal (no thanks).
I suspect that this is more fallout from that change... and yes, I'll be curious to see how it gets "fixed". -Tom
Anyhow, after the change, the domains came back from the redemption request in "auto-renew-grace" (with it's extended expiration date) where as previously they would come back without the auto-renewal status and showed their original expiry date.
Anyhow, it clearly broke things at other registrars too, as CIRA came back a few weeks ago (?) suggesting we might have double-renewed some domains (no) and offering to cancel the extra year's renewal (no thanks).
I suspect that this is more fallout from that change... and yes, I'll be curious to see how it gets "fixed". -Tom
rlm
Bonfire.ca
Wow, thanks @bmetal . It sounds like CIRA made fundamental changes they assumed would be inconsequential, and well I think there's an an old adage about making assumptions. It also sounds as though you quickly got the issue fixed at Baremetal, but that the changes came unexpectedly since it broke your process? Did CIRA at least notify you of these changes well in advance so you could be on the lookout for broken functionality?
This sounds way too closely related to what you're talking about to be unrelated to MyID's release of a whole bunch of domain names in that Feb 15 TBR session that were supposedly be paid for and renewed. It sounds like CIRA is the culprit and that I will need to make an apology to MyID for putting the blame on them - unless of course if CIRA made them well aware of the upcoming changes and they still neglected to test and make any modifications necessary.
So I am also curious to see how CIRA fixes this - not that I have any skin in the game. Considering they screwed up last year releasing so called "reserved" domains and then fixed it by taking all of the registrations away (even though many of those domains had no remaining legitimate reasons to be reserved anyways), I sure hope they do similar again this time, take the domains away from the new owners, tell the registrars to refund their customers, and then return the domains to the rightful owners who got screwed here. It will be especially interesting because this time, MyID recaptured some domains lost by their client and then auctioned it off to a different client. And WHC also auctioned off some of these ill-gotten domain names too. That will require the registrars to return the auction proceeds to the innocent victims who bought these domains and explain the mess, along with a big fat apology from CIRA. As a domain investor, at least that is an understandable course of action, disappointing of course, but is comforting in knowing that the right thing was ultimately done. The longer the passage of time goes on before these screw ups get corrected, the harder it is to untangle the mess.
I'm just curious
@FM , if CIRA says you auctioned off a TBR domain that should never have been in TBR, I can only assume you're willing to return the domain and refund your customers? 
@MapleDots , we don't have @myid on here do we?Ultimately - the only thing I'm trying to achieve here is to ensure that the right thing gets done, that the parties involved accept their responsibility in the matter, and that requires transparency and accountability just to uncover the scope of the problem. Even if its a little embarrassing for CIRA or the registrars involved.
And take this as a warning to each of you here, review your domains that renewed in December/January time frame. Make sure they were actually renewed and not released in TBR. This may be your only chance to correct it! I'm going to go take a closer look at my own portfolio just for peace of mind, even though my preferred registrar seems to be on the ball.
I can almost guarantee you they are on here but with an alias.
We already know that CIRA has taken domains back in the past when they released domains by accident and then took them back so any domains renewed and accidentally sold at TBR would have to be returned. CIRA has shown they can enforce removal of domains so its just a question of what the process would be.
rlm
Bonfire.ca
And with respect to the scope of the problem, CIRA should probably warn all registrars to review renewal records from this time frame to ensure that all renewals occured for any domains that a registrar accepted payment for. This shouldn't really be the domain owner's responsibility to complain about and try to get fixed. CIRA and registrars should be proactively looking for these screw ups now that we're aware that some may exist.
theinvestor
DNCanada.ca
It is kind of ridiculous that we would be expected to figure out whether our own domains dropped or not. Hopefully all these domains get clawed back as that is the only fair outcome here.
DomainRecap
Member
- Joined
- Nov 23, 2020
- Topics
- 64
- Posts
- 4,653
- Likes
- 2,635
Eby
Verified Member
+1 for it being the only logical fair outcome. Which would logically force the TBR registrars to do refunds. (or incur a pile of really bad will.)
As for checking your own renewals... AFAIK, The change came into effect Dec 15th, and should only affect domains that were renewed after they had expired, and for which you got the "you have 30 days to save example.ca" message from CIRA (indicating the domain was deleted by the registrar -- timing of which could/would be registrar dependent).
As for what notice registrars got? None that I am aware of. It wasn't in the Dec 12th registrar report, which simply said CIRA would be doing maintenance... but I may have missed it elsewhere. One could also argue that the redemption process documentation is sub-par and consequently it was very logical for registrars to use the system CIRA provided as a reference model.
that shouldn't have applied to this scenario. CIRA was picking out domains that had been auto-renewed and THEN renewed again ... effectively a multi-year renewal.
This looks to me like domains which got (deleted* and then) redeemed, but then for whatever reason did not get renewed (which is separate from the redemption). In fact, I'm starting to think that myID was doing what we were doing, cancelling the auto-renewal and locking in a real renewal ... but their software wasn't paranoid/defensive enough to see that CIRA suddenly wasn't on the same page they were. Handling errors is hard. And if they were doing things the way we were, they would not have had a system to remember not to delete some domains in auto-renew-grace when they got to a certain age. ***
... but that's all just GUESSING that these domains were ones affected by the redemption process change.
-Tom
* a registrar "delete" moves a domain into "redemption period" from "auto-renew-grace", 30 days later it would go to pending-delete/TBR. I'd have to go re-read the docs to accurately describe what redeeming a domain does, but it's basically undoing the delete. a redemption is NOT a renewal ... that is separate and usually comes afterward... the mess here is is with domains that get redeemed when they were still in auto-renew-grace (45 days from their expiry date).
** I HATE auto-renewals. When a domain that is in auto-renew-grace (or whatever it is) gets renewed... NOTHING happens (now). The registrar just makes a mental note not to delete the domain near the end of the auto-renew-grace window. Previously, we were able to jump hoops, cancel the auto-renewal and lock in a real renewal. We had to modify our systems to confirm to the more traditional auto-renewal model. This model has a number of negatives. 1) It's confusing... we frequently have arguments with clients about whether their domain is expired or not, 2) letting a domain expire, renewing it, then transfering it to another registrar will lose the renewal, 3) It's F'ing complicated. IMHO it was better back in 2000 when CIRA controlled the whole deletion process, but no, instead of "best practice" CIRA had to make it "industry standard" and follow the .com model. The only reason/guess I can see for this model is that verisign's lawyers didn't want to be responsible for deleting domains so they pushed it off to the registrars.
*** All that said, I'm hard put to imagine that a registrar could have gone 2.5 months without realizing they had a problem. And once they recognized it, how could they not own up to it?
Sponsors who contribute to keep dn.ca free.
 |
 |
 |
 |
 |