Bruce Tonkin [Bruce.Tonkin§melbourneit.com.au] wrote:
> Hello Chris,
> 
> Thanks for your response.  I would like to note that Melbourne IT has kept
> not the reseller to authorise a transfer.  The authorisation is a two step
> process:
> (1) request domain name password from registrant to initiate a transfer
> (2) send a confirmation email to the registrant contact email address in
> WHOIS
> In the process undertaken by Melbourne IT the registrant is provided with
> the updated password, and if they are not contactable, they can retrieve the
> password directly from Melbourne IT.
> 
> If you mean that updating the passwords makes it harder to by-pass the
> authorisation process of the transfer policy then you are correct.  We have
> already detected instances that you have been advised of, where a registrant
> has not authorised a transfer, but where the reseller initiated the
> transfer.

nothing wrong with that if the registrant authorises the reseller to select a registrar
on their behalf is there? the policy badly needs reviewing currently it is setup to
protect MITs incumbant customer base from competition. MIT scrutinise every single
transfer and queries every single transfer causing overhead for registrants, resellers
and competing registrars. 

the policy must be reviewed.

Vic