How easy is it to get a domain? Very easy in fact

Before I talk about the article which I’ve been thinking about lately, I want to mention getting a domain in general is easy. In fact, I’ll mention a phraise from the article “too easy.” Thats it.

For most domains, you just pay the money requested, turn on the option for identity protection, and away you go. For other domains, there may be more steps like having an SSL certificate installed, or even proof of address or phone number.

One of the things they do say is that you should have “accurate records” for the directory, or you could be terminated but I don’t know how true that really is. I know someone who may have put a false address in place, but I don’t want to outright confirm or deny anything, especially since things have changed.

Now, lets talk about this article entitled It’s Way Too Easy to Get a .gov Domain Name and why I think there should be a change. According to research for this article, someone reported that government domains do require some form of letterhead from the governmental agency. I suppose the letterhead will have a letter telling the registering company what the use will be, but I am unclear about that. Now, the guy who did the research baught the domain, sent in the forms, and had the domain and he didn’t work for the government.

I think that if we need to prove who we are, by supplying our contact info, we should also supply valid documentation to prove who we are if we’re buying domains that require that. I have a .com,, .net, and .info and all I’m using for different purposes. I also have a .org yet I’m only running the site, I’m not employed by the company who is now paying me to run it. I wasn’t asked for documentation for the organization, and I would have provided it upon request. Is this the same type of thing that may be utalized for the .gov domain discussion in the article?

I would suggest everyone take a look at this governmental thing, and lets discuss what you think we can improve the security of our domains. This is why miscreants are able to buy large swaths of domains because there’s no validation and questioning of what will be done with it. Even if you ask for identification by calling to verify who you say you are, that would be a start. Even clicking a link to verify they’ve got the proper email address for registration would be a start.

I’d be interested in your thoughts. I’ve been thinking about this article after a long days worth of work, and now its time to put it to paper or in this case, virtual paper. Thoughts?

2 thoughts on “How easy is it to get a domain? Very easy in fact

  1. Hi Shaun,

    Great points! I bring it up as a talking point. My goal is not to have any part in changing things. The research was done in the article that Brian Krebs posted to show how easy it is. Prices are pretty fair, anywhere from a few bucks to $15 for .com, .org, or .info. Even for the .us domain which I owned one of, its simple.

    I was on name cheap looking at domains with my name. There are quite a lot of domains and you can look it up yourself. Some require checks like SSL certs, some don’t require anything but the higher price. I think one was anywhere from $35 to $90 for the domain per year.

    I have had my info domain for 8 years now, and my new project is using it. The .org is available but I don’t need it.

    This is up for discussion, I think it should be a good one to have. I’d read the article in full and see what the research showed, although again, you’ve got some great points here. What do other people think?

  2. Hi.
    To be honest there should be restrictions on domains, such as, for example.
    A .org domain is for an organisation, only organisations or groups becoming organisations should be allowed to get that with the right documentation, police checks, etc.
    The same for .gov, governments should have these, .mil military, etc.
    Some of this stuff shouldn’t even be sold on the public registers for starters.
    Some universities and schools and other domains to.
    Saying that even if you restricted all these domains, even if .bis was also restricted, .com and .net are commen domains these days.
    . whatever your country is or .co. whatever your country is is also fine as is probably .info, and maybe a few other things.
    Now what we don’t need for those that have the cash at least, is it being so secure that you decide not to bother.
    I have started to join some service or rather only to descover you need so much information that its going to cost you so much getting that and then keeping it updated that it may be better not to bother at all.
    I had one such issue with the tax department and someone I was helping out.
    There are some errors that need changing else bad things can happen and will happen.
    However it took a lot of stuff way over my head to set it up, and a lot more stuff to adjust what was there.
    Now, I have the choice on being fined a certain amount each year for having incorrect information, or try to correct it it.
    Being the law abiding person I am last week I roled up my sleeves and got my nose grinding against the stone of work.
    I had a coffee, and a good supply of chocolate, and was ready for a hard grinding session.
    I got to the website to set things up only to find that not only did I have no idea where to go but when I got there, it was so complex I couldn’t understand it.
    Now true I could employ a lawyer, and get it sorted out over a period of time, and sign all the paperwork and complete a large change over.
    But I could just as easily not bother and continue paying the fines because simply to change anything I had to climb mount everist to even attempt to change it all.
    I had the same issue with some insurance stuff I had to claim for.
    Eventually I did all that via postal form because to do it online would take far to long to enter the information in.
    I have had issues where due to an issue, a simple mistake at admin level could potentially land me in the dog box.
    I had a problem, I reported my issue, I gave the stuff manually, I screwed it up.
    And then I fixed my issue.
    The issue I reported was noted but probably not logged, my corrections went missing and the log of my call to get the stuff done misteriously went missing to.
    I needed to go to where ever it was, with all sort of varification and fix it.
    It took me a while talking over the phone and all sorts of legal stuff.
    Suddenly they decided that they didn’t need all the information and decided to drop it.
    I wasn’t happy, yes, things were now back to normal except it had been done so while things were back where they should be the list of errors were left open.
    And that is just the income department and some travel things I had to report.
    And that was me getting off lightly, I know and have read many articles on how bad they can actually be.
    To domains, we really don’t need more security, at least for low level domains, but anything big, .com,.net, .org,.gov, .school, .ac, maybe some of the country spaciffic domains well maybe there needs to be a class, the higher the level the more checks you need.
    If you are having a low level whatever, ie .tk, or whatever, you probably can only do a few certain things, but for say a home user or small business, you may never need higher level domains for everything.
    People are buying domains just to say they have one.
    You can even trade a domain on ebay and stuff and thats not right either.
    Domain trading shouldn’t be allowed either.
    One thing we really don’t want to do is make it worse.
    I have had to dump a lot of software that I did use, some legally, and some otherwise simply because to keep updated and with their licencing and price structures, I would spend more time keeping myself active than using the software.
    I agree a ballance needs to be achieved, but we don’t want to have it so hard that well who knows.
    On the other hand for the home user, maybe a subdomain is probably cheaper than bothering with a full one.
    Maybe home users should have their own set of domains, businesses can have slightly higher, heck a home user could be a business level user to I guess if they wanted.
    But at some point, maybe enterprize levels, prices should go up, maybe not necessarily that but more checks.
    For everyone, especially for domains and such, email address information would be fine.
    Mobile phone varification, sms codes, etc could be good idea.
    Where appropriate address varification to.
    And if it got that secure of an issue personal varification and vetting, checks interogation, etc if it got that high a level.
    There is a lot about the net we still havn’t got a grasp yet, and all these breaches, hacks and stuff have shown me that we really havn’t managed to control everything to the best of our ability as humankind.
    We also need to have some international control administered by some impartial international forum which has no corperate or other interests except to keep it fair.
    In a utopian world that wouldn’t be a problem.
    However with all the issue in the middle east, china, everything from sensorship to an extreme to forced brainwashing, to cutting of the net in some cases, we are not ready to take that step.
    Before we can control the online world we must fix our own world first, and thats likely not to be the case ever.
    With the threat of global warming and world war 3 going all over the place, we have about 50-100 years to think what we will do next.
    Sadly, jared this is just another article in a see of other articles, some of them fake, some of them true.
    It means nothing and will not change anything.
    It would be nice but damning articles have appeared like this before.
    I wouldn’t say there is no hope, but either we will rise to the occasion or we will probably fuck it up, maybe not for us but someone else.
    It won’t be the bad guy that has the issue.
    Look at so called software activation.
    And look at security ssl keys.
    Often companies drop their keys and lose them.
    They laugh about it, and get new keys which they then drop.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.