PDA

View Full Version : Sedo getting bad press. So are IDN. Thanks SEDO.


sarcle
16th February 2007, 05:04 PM
In other Sedo news, the company has added “IDN” graphics next to domains with non-roman characters:

http://img248.imageshack.us/img248/4299/sedoidnft4.jpg

This is likely because of user confusion. Depending on your browser and language plugins, IDNs can look very similar to english language domains. If domainers are confused by this, you can bet the web community as a large will be fooled by IDNs (read: phishing attacks to come).

http://domainnamewire.com/2007/02/16/sedo-hit-by-ddos-attack-adds-new-listing-feature/

How did I know that this would give IDN a bad name. Thanks again Sedo for allowing these to be sold on your site.

jacksonm
16th February 2007, 07:20 PM
How did I know that this would give IDN a bad name. Thanks again Sedo for allowing these to be sold on your site.

In the grand scheme of the domain market, sedo is just a grain of sand in a dumptruck. What do they do, maybe 100 sales a week? Most of their revenue comes from clicks and people paying for domain promotions. After watching the site for a while, I start to get the idea that they are propping up the auction listings and sales just to drive interest. Honestly, I don't trust their business model - there's just not enough transparency.

I would venture to say that 99% of domain sales happen privately, and not between "domainers" or sedo browsers, and that's not likely to change.

--
jacksonm

Giant
16th February 2007, 07:22 PM
How did I know that this would give IDN a bad name. Thanks again Sedo for allowing these to be sold on your site.

Not just give IDN a bad name, the consequense is far more serious than we can see. If they let this kind of scam continue to grow, we will see a lot of casualties among IDN domainers --- more money is needed to keep renewing IDNs.

sarcle
16th February 2007, 07:26 PM
Not just give IDN a bad name, the consequense is far more serious than we can see. If they let this kind of scam continue to grow, we will see a lot of casualties among IDN domainers --- more money is needed to keep renewing IDNs.

This is why in the meantime development is so important.

bwhhisc
16th February 2007, 07:38 PM
In the end, the biggest market for IDN are the endusers and people that speak the various international languages.

No doubt SEDO is doing a disservice to the domain industry by allowing these mixed script domains to be sold. Even EBAY has pretty much stopped the practice.

If anything, SEDO should label these "novelty domains" or "mixed script domains", NOT "idn".

To help with this situation, please take a few minutes and write to SEDO. Post letters to their guy at DNF. If they get enough mail they will react. The little bit of mail many of us sent got a "small" albeit not good solution of the little IDN label.

Lets push for them to label these "mixed script" or something appropriate... but NOT idn.

Rubber Duck
16th February 2007, 07:38 PM
Not just give IDN a bad name, the consequense is far more serious than we can see. If they let this kind of scam continue to grow, we will see a lot of casualties among IDN domainers --- more money is needed to keep renewing IDNs.

I don't think we need to worry about too many domains on the market now.

All the odd corners seem to be being hoovered up and the Registrars now seem to be buying dot JP in Japan.

The market dynamic is definitely moving in favour of sellers.

Not only that with Dot Mobi returning to earth and the Sedo "fix" actually apparently have some impact, the amount of investment capital pouring through the cracks in the floor is now greatly diminished.

sarcle
16th February 2007, 07:42 PM
In the end, the biggest market for IDN are the endusers and people that speak the various international languages.

No doubt SEDO is doing a disservice to the domain industry by allowing these mixed script domains to be sold. Even EBAY has pretty muched stopped the practice.

If anything, SEDO should label these "novelty domains" or "mixed script domains", NOT "idn".

To help with this situation, please take a few minutes and write to SEDO. Post letters to their guy at DNF. If they get enough mail they will react. The little bit of mail many of us sent got a "small" albeit not good solution of the little IDN label.

Lets push for them to label these "mixed script" or something appropriate... but NOT idn.

You can let your voice be heard here in their section with the thread already started. Sedo was just looking at it today.

http://www.dnforum.com/showthread.php?t=209387

IDNCowboy
16th February 2007, 07:51 PM
In the grand scheme of the domain market, sedo is just a grain of sand in a dumptruck. What do they do, maybe 100 sales a week? Most of their revenue comes from clicks and people paying for domain promotions. After watching the site for a while, I start to get the idea that they are propping up the auction listings and sales just to drive interest. Honestly, I don't trust their business model - there's just not enough transparency.

I would venture to say that 99% of domain sales happen privately, and not between "domainers" or sedo browsers, and that's not likely to change.

--
jacksonm
They have a large chunk of the market.

jacksonm
16th February 2007, 08:48 PM
They have a large chunk of the market.

Not meaning to question your integrity, but do you have reliable statistics to back that up? BTW, of which market do you speak, insiders (domainers)?

I think that sedo has pulled the wool over a great many people's eyes...


--
jacksonm

IDNCowboy
16th February 2007, 09:38 PM
Not meaning to question your integrity, but do you have reliable statistics to back that up? BTW, of which market do you speak, insiders (domainers)?

I think that sedo has pulled the wool over a great many people's eyes...


--
jacksonm
Every domainer knows that they are. Not all sales are reported on dnjournal. Many do not meet their minimum requirements. Others have non disclosure agreements. They did the vodka domain sale themselves and made a ton of comission just on that.

Even on the main domain forums. Many people will choose an escrow service for high valued domains. The main escrow services are SEDO, AfterNIC and moniker.

jacksonm
16th February 2007, 09:47 PM
They did the vodka domain sale themselves and made a ton of comission just on that.


If you figure 3M * .1, that's barely enough to employ one person for 3 years in germany (legally)... And I know they are employing more than one person...

For an individual, that would be huge. For a tax-paying business, it's just survival. Most companies who operate on a 1-2% margin need to do 70M per year just to stay afloat.

--
jacksonm

IDNCowboy
16th February 2007, 09:50 PM
If you figure 3M * .1, that's barely enough to employ one person for 3 years in germany (legally)... And I know they are employing more than one person...

For an individual, that would be huge. For a tax-paying business, it's just survival. Most companies who operate on a 1-2% margin need to do 70M per year just to stay afloat.

--
jacksonm
Alright mr. domainer

who does the majority of the domain transactions? You come on this forum bashing sales threads etc.

I suppose you haven't seen the revenue figures of Sedo. They make millions of profit each year after expenses.

jacksonm
16th February 2007, 10:25 PM
Alright mr. domainer

who does the majority of the domain transactions? You come on this forum bashing sales threads etc.

I suppose you haven't seen the revenue figures of Sedo. They make millions of profit each year after expenses.

I suppose you haven't either, unless you work for them.

Come on, now, let's attempt to stay stay civil here. As a user of sedo.com, I believe that it is well within my rights and experience to be suspicious of sedo's operational practices.

I'm not bashing any sales threads, I'm just insinuating that sedo isn't all it purports to be. It doesn't take an MBA to suspect that.

As a private company, how can outsider report sedo's level of profit? They could be operating on VC with massive losses as far as I know.

I made the post as a matter of healthy debate. I am receptive to well-presented opposing viewpoints.

--
jacksonm

IDNCowboy
16th February 2007, 10:34 PM
I suppose you haven't either, unless you work for them.

Come on, now, let's attempt to stay stay civil here. As a user of sedo.com, I believe that it is well within my rights and experience to be suspicious of sedo's operational practices.

I'm not bashing any sales threads, I'm just insinuating that sedo isn't all it purports to be. It doesn't take an MBA to suspect that.

As a private company, how can outsider report sedo's level of profit? They could be operating on VC with massive losses as far as I know.

I made the post as a matter of healthy debate. I am receptive to well-presented opposing viewpoints.

--
jacksonm
Sedo had sales of approximately €30 million in the first nine months of this year. (2006) Thats just 3/4 of the year. so add another 10 million euro for example for 40 million euro

AdLink has purchased another 24% of popular domain aftermarket sales site Sedo.com for €35 million. AdLink, the online advertising and digital marketing subsidiary of Germany's United Internet, already owned 52% of Sedo (purchased in 2005), so AdLink now holds a 76% share of the company. The deal would indicate a total valuation for Sedo of about €140 million (about $183 million at current exchange rates). Sedo had sales of approximately €30 million in the first nine months of this year. Sedo's original founders still retain a share of the company and will continue to work in their present executive roles according to a report from TheAlarmClock.com.
Posted Nov. 27, 2006

http://www.dnjournal.com/archive/lowdown/2006/november.htm

I couldn't find their net profit. I'll continue looking for it but they make millions a year.

Giant
16th February 2007, 11:48 PM
Hey Cowboy, be nice to our new member.

Allowing deceitful sales to hunt for victims should be seriously condemned. Making millions of dollars does not give Sedo the right to do evil.

bramiozo
17th February 2007, 01:02 PM
I think you guys are missing the point, this situation was inevitable from the get-go and is simply required as a stepping stone for general acceptance in the after market. The sooner this moment would come the better, it has nothing to do with the image of idn's (the possibility for phishing domains is not new..) but the knowledge on idn's.

Idn's require more due diligence efforts then any ascii-domain, we have seen this many times on the idnforums, even idn-veterans regged nonsensical domains or just unpopular translations and not in small amounts either. Sedo is not specified as a an idn-platform for one, second it also attracts investors who have very little knowledge on domaining in general, let alone idn. As such sedo has the responsibility to provide as much information as possible about novelty domains and that without deterring any possible buyers, you want information signs, not red flags. Sedo has imo found this middle ground and is simply providing a neutral indication of names being IDN. Just look at the phishing auctions that are still active, they're still at 1/2 bids, they're frozen since the moment that the idn-indicators were put up, nevertheless the german auctions are at $x,xxx, that's bullshit idn v.s. real idn, a contrast we should be cheerful about.

I read several times that you think sedo should filter out these names, but as I said sedo will not actively remove phishing domains because they want to avoid liability and no that's not a contradiction. What sedo can do is provide information about the nature of the domain as best they can without deterring any potential buyers in case the name is not meant as a phishing domain. In case you force a translation for each idn as Drewbert put forward you are left with the question of ambiguity, popularity and valid vs invalid mixed character domains. I will ensure you that problems will increase once sedo opens up all the languages for bidding, especially if sedo doesn't make it perfectly clear that the buyer has to do his/her own due diligence.

I wrote quite a bit here (before the idn-tag was put in place);
http://www.dailydomainer.com/200764-domainers-gone-blind.html

This is an awareness issue, the moment these sign's can be removed is the moment idn's are accepted. The message this community should imo put forward is that idn's require effort more so than ascii-domains, we then have to provide the means for the people to learn about idn.

Giant
17th February 2007, 01:41 PM
I think you guys are missing the point, this situation was inevitable from the get-go and is simply required as a stepping stone for general acceptance in the after market. The sooner this moment would come the better, it has nothing to do with the image of idn's (the possibility for phishing domains is not new..) but the knowledge on idn's.

Idn's require more due diligence efforts then any ascii-domain, we have seen this many times on the idnforums, even idn-veterans regged nonsensical domains or just unpopular translations and not in small amounts either. Sedo is not specified as a an idn-platform for one, second it also attracts investors who have very little knowledge on domaining in general, let alone idn. As such sedo has the responsibility to provide as much information as possible about novelty domains and that without deterring any possible buyers, you want information signs, not red flags. Sedo has imo found this middle ground and is simply providing a neutral indication of names being IDN. Just look at the phishing auctions that are still active, they're still at 1/2 bids, they're frozen since the moment that the idn-indicators were put up, nevertheless the german auctions are at $x,xxx, that's bullshit idn v.s. real idn, a contrast we should be cheerful about.

I read several times that you think sedo should filter out these names, but as I said sedo will not actively remove phishing domains because they want to avoid liability and no that's not a contradiction. What sedo can do is provide information about the nature of the domain as best they can without deterring any potential buyers in case the name is not meant as a phishing domain. In case you force a translation for each idn as Drewbert put forward you are left with the question of ambiguity, popularity and valid vs invalid mixed character domains. I will ensure you that problems will increase once sedo opens up all the languages for bidding, especially if sedo doesn't make it perfectly clear that the buyer has to do his/her own due diligence.

I wrote quite a bit here (before the idn-tag was put in place);
http://www.dailydomainer.com/200764-domainers-gone-blind.html

This is an awareness issue, the moment these sign's can be removed is the moment idn's are accepted. The message this community should imo put forward is that idn's require effort more so than ascii-domains, we then have to provide the means for the people to learn about idn.

We are here condemning cheating. We are here condemning Sedo provide a platform for cheaters to hunt for victims.

We don't oppose people register a novelty domain, we condemn people register a domain to cheat. The intention and design to rip people off is a crime, regardless what product they use to commit the crime.

We don't oppose Sedo to let people sell IDN on their website, we just demand Sedo to have the capability to protect its customers from scammers. If Sedo is unable to help the buyers understand what they are buying and Sedo pockets the commission of the sale, Sedo is deemed an accomplice.

Not all domains start with xn-- are IDN domains. A xn-- domain is considered an IDN domain only when it's unicode means something in a language or languages.

bwhhisc
17th February 2007, 02:21 PM
Bram, you wrote a good response.
The best solution if Sedo wishes to allow these sales is to label "them" MIXED SCRIPT domains, and label true idns...IDN.
That would truly differentiate these sales to potential buyers.

bramiozo
17th February 2007, 04:24 PM
We are here condemning cheating. We are here condemning Sedo provide a platform for cheaters to hunt for victims.

We don't oppose people register a novelty domain, we condemn people register a domain to cheat. The intention and design to rip people off is a crime, regardless what product they use to commit the crime.

We don't oppose Sedo to let people sell IDN on their website, we just demand Sedo to have the capability to protect its customers from scammers. If Sedo is unable to help the buyers understand what they are buying and Sedo pockets the commission of the sale, Sedo is deemed an accomplice.

Not all domains start with xn-- are IDN domains. A xn-- domain is considered an IDN domain only when it's unicode means something in a language or languages.

First off, IDN is a technological term which has no restriction on what is and what is not a "real" IDN, if it fits the technological description, it is an IDN, period.
Second if you do choose to discriminate, you will have to set up requirements which have to be fulfilled by these so-called "real" IDN's because obviously you want someone to be able to indeed verify if it is a "real" IDN. It is impossible to make an unambiguous definition so therefore either a crude filter will have to be set up or they have to be filtered manually.
Thirdly, although I agree that phishers will have to be tackled somewhere down that road, I don't believe actively scanning for phishing domains will prevent people from being conned with phishing IDN's. If it's not done publicly, then privately, maybe even through mailing lists, in that case the only thing that is standing in the way of committing fraud and attempting to commit fraud is the knowledge the victim has.
IDN's don't con people, people con people and only knowledge can prevent people from being conned.

What sedo should do is make sellers aware of the fact that domains which are intended to mimic other domains are considered as attempts to commit fraud, something of that nature anyway. This is, believe it or not, not mentioned in their user conditions.
BUT of course this will have to apply to ALL domains that are being offered, no phishing domains MEANS no phishing domains and this my friends will upset the ascii-market because if there's one article being traded it's these domains, also typo's can arguable be considered as phishing domains so this will need consideration.



#

5.1.3. Domain Listing Rules

The following Domain listing requirements and obligations apply to your use of the Domain Database:

(a) The Seller agrees to set up a user account and to fill out the registration form completely and accurately.

(b) Domain names are the result of, and are subject to all of the conditions, limitations, and restrictions contained in, domain name registration agreements between the Seller and a third-party domain name registrar or other service provider. As such, the transferability of domain name registration may be limited, prohibited, or otherwise subject to conditions imposed by the domain name registrar or service provider. Nothing in this Agreement or on the Site shall be construed to imply that the Seller possesses any rights to a Domain beyond those specified in the Seller's agreement with the relevant domain name registrar or service provider. The term "Domain" as used herein, shall refer to any rights the Seller may possess with regard to the registration of a particular domain name under its domain name registration agreement with a domain name registrar or other service provider as well as any content available at or through a particular URL.

(c) As a Seller of a Domain listed on the Domain Database, you represent and warrant that: (i) you have registered the Domain with the appropriate Domain registrar or other registration authority; (ii) your registration of the Domain is current and not subject to deletion, cancellation, rescission, or deactivation by the applicable Domain registrar or other registration authority; (iii) you have not taken any action that would impair your ability or right to transfer the Domain registration and no such action has been taken against you; (iv) the Domain has not been used in such a manner as to infringe the rights of any third party, including, but not limited to, trademark, naming or publicity rights; (v) the Domain is not the subject of any legal disputes or proceedings challenging your right to register or use the Domain; (vi) you will accurately describe the subject listing; (vii) you own and have the right to sell the content, if any, listed as part of your Domain; and (viii) if your offer to sell and transfer the Domain is accepted, you will complete the transaction with a ready, willing, and able Buyer. You will not under any circumstances list or transfer the rights to any Domain that you do not have sufficient rights to transfer or that is illegal to transfer under applicable law.

(d) The Seller agrees not to list any domains which violate Sedo's Offensive Domain Policy, which is hereby incorporated by reference. Sedo may refuse to list, or remove the listing for, any Domain which, in Sedo's sole discretion, may potentially infringe or violate the proprietary rights of any third person or any other Domain, or which in Sedo's sole discretion, is inflammatory, offensive, inconsistent with Sedo's general policies or Acceptable Use terms, or otherwise may infringe any proprietary right of any third party.

(e) The Seller of a Domain agrees not to enter a bid for his/her own offer and not to instruct other persons to do so. In addition, any user manipulation of Domain listing statistics is prohibited, including, but not limited to, manipulating or otherwise falsely inflating traffic statistics represented to Buyer during the course of negotiation or which are measured and displayed by Sedo.

(f) You will not yourself, nor will you allow or enable another, to directly or indirectly interfere or attempt to interfere with the operations of the Site or the Services.

(g) The Seller agrees to keep any data which he/she has added to the Domain Database up-to-date. If a Domain has been sold, he/she is to remove it from the database. Furthermore, the Seller agrees to remove a Domain from the Domain Database immediately if a warning has been issued, or as soon as any notice or knowledge has been received that the rights of a third party or applicable laws could be violated by the listing. This shall apply until legal clarification of the situation has been made.


Ok, so it starts with sedo changing the user conditions, sedo publicly announces that unambiguous phishing domains are no longer allowed and that any breach will result in a permanent ban or something of that nature. Simultaneously sedo places general notices for the buyers emphasizing due diligence on behalf on the buyer. For practical reasons all idn's are always accompanied by there punycody (in brackets) representation.

Mixed script domains..hmm, sedo may do this, however this should only apply to scripts which have a similar representation;
cyrillic - latin
cyrillic - greek
greek - latin
bopomofo - hindi (?)
...
etc.

It's not a lot of work to make a list and it's easy to put in place.
I don't think it's unreasonable to expect something like this from sedo.

sarcle
17th February 2007, 04:57 PM
It's not a lot of work to make a list and it's easy to put in place.
I don't think it's unreasonable to expect something like this from sedo.

Well obviously it is. Asian names can still not be bid on with their current system. Afternic has it tackled, I even get inquiries from Namedrive. Sedo? They have become the worst when it comes to solving problems.

So unreasonable. Yes. I do believe so.

bramiozo
17th February 2007, 05:18 PM
Maybe the current momentum can be used to get something done.

rhys
18th February 2007, 12:37 AM
I think you guys are missing the point, this situation was inevitable from the get-go and is simply required as a stepping stone for general acceptance in the after market. The sooner this moment would come the better, it has nothing to do with the image of idn's (the possibility for phishing domains is not new..) but the knowledge on idn's.

Idn's require more due diligence efforts then any ascii-domain, we have seen this many times on the idnforums, even idn-veterans regged nonsensical domains or just unpopular translations and not in small amounts either. Sedo is not specified as a an idn-platform for one, second it also attracts investors who have very little knowledge on domaining in general, let alone idn. As such sedo has the responsibility to provide as much information as possible about novelty domains and that without deterring any possible buyers, you want information signs, not red flags. Sedo has imo found this middle ground and is simply providing a neutral indication of names being IDN. Just look at the phishing auctions that are still active, they're still at 1/2 bids, they're frozen since the moment that the idn-indicators were put up, nevertheless the german auctions are at $x,xxx, that's bullshit idn v.s. real idn, a contrast we should be cheerful about.

I read several times that you think sedo should filter out these names, but as I said sedo will not actively remove phishing domains because they want to avoid liability and no that's not a contradiction. What sedo can do is provide information about the nature of the domain as best they can without deterring any potential buyers in case the name is not meant as a phishing domain. In case you force a translation for each idn as Drewbert put forward you are left with the question of ambiguity, popularity and valid vs invalid mixed character domains. I will ensure you that problems will increase once sedo opens up all the languages for bidding, especially if sedo doesn't make it perfectly clear that the buyer has to do his/her own due diligence.

I wrote quite a bit here (before the idn-tag was put in place);
http://www.dailydomainer.com/200764-domainers-gone-blind.html

This is an awareness issue, the moment these sign's can be removed is the moment idn's are accepted. The message this community should imo put forward is that idn's require effort more so than ascii-domains, we then have to provide the means for the people to learn about idn.

The problem however is that not insisting on a specific language to be assigned to any given IDN for sale is a gross attempt to withhold important, easily obtainable information to sellers. Any lawyer could argue that SEDO has consciously decided not to offer this information PRECISELY because it would bring their trafficing of potential phishing domains to a grinding halt. Your argument (that SEDO does not provide specific information such as translation in order to avoid liability) would have more merit if phishing domains truly were indistinguishible from other kinds of IDN.

Anyone know who to contact at the FBI?

Wot
18th February 2007, 01:23 AM
Idn's require more due diligence efforts then any ascii-domain, we have seen this many times on the idnforums, even idn-veterans regged nonsensical domains or just unpopular translations and not in small amounts either.

I take it you have seen my IDN portfolio then. ;)

bramiozo
18th February 2007, 11:15 AM
The problem however is that not insisting on a specific language to be assigned to any given IDN for sale is a gross attempt to withhold important, easily obtainable information to sellers. Any lawyer could argue that SEDO has consciously decided not to offer this information PRECISELY because it would bring their trafficing of potential phishing domains to a grinding halt. Your argument (that SEDO does not provide specific information such as translation in order to avoid liability) would have more merit if phishing domains truly were indistinguishible from other kinds of IDN.

Anyone know who to contact at the FBI?

Wouldn't a phisher just as easily fill in or select the "phishing language" because it mostly resembles the intended language ?


Any lawyer could argue that SEDO has consciously decided not to offer this information PRECISELY because it would bring their trafficing of potential phishing domains to a grinding halt.

No, the lawyer can only suggest such a thing, to make it a valid motive for negligence you need to have relevance of scale AND it needs arguing that the sale
of phishing domains is not in term negative for Sedo.
The lawyer of sedo can in turn suggest that all necessary information was given to inform the buyer and that it has no position on what is and what is not a phishing domain, that is for the buyer to decide.

There are only 3 things sedo can do

1) legal commitment (clear t&c on this .etc)
2) awareness (clear indications on what is and what is not an idn etc.)
3) sanctions (imposed on those who purposely mislead)

Let's just agree that due diligence is in the end with the buyer. Why should these people be exempt from the most basic form of buyer commitment we have upholding for almost 1.5 years ??

Why haven't I heard 1 voice blaming the buyers ?

I take it you have seen my IDN portfolio then. ;)

I took a look at my own.... (I am with you brother ;) )

domainguru
18th February 2007, 11:20 AM
Wouldn't a phisher just as easily fill in or select the "phishing language" because it mostly resembles the intended language ?


Any lawyer could argue that SEDO has consciously decided not to offer this information PRECISELY because it would bring their trafficing of potential phishing domains to a grinding halt.

No, the lawyer can only suggest such a thing, to make it a valid motive for negligence you need to have relevance of scale AND it needs arguing that the sale
of phishing domains is not in term negative for Sedo.
The lawyer of sedo can in turn suggest that all necessary information was given to inform the buyer and that it has no position on what is and what is not a phishing domain, that is for the buyer to decide.

There are only 3 things sedo can do

1) legal commitment (clear t&c on this .etc)
2) awareness (clear indications on what is and what is not an idn etc.)
3) sanctions (imposed on those who purposely mislead)

Let's just agree that due diligence is in the end with the buyer. Why should these people be exempt from the most basic form of buyer commitment we have upholding for almost 1.5 years ??

Why haven't I heard 1 voice blaming the buyers ?

Let's put it this way. If those domains were put up for auction here, we would come down on the seller like a ton of bricks. They wouldn't last a day. What do Sedo do? Nothing, except say "this is an IDN". Which is the more responsible approach?

I'm all for "caveat emptor" but Sedo, in providing a platform for these domains to be sold have a corporate responsibility as well.

bramiozo
18th February 2007, 12:37 PM
Let's put it this way. If those domains were put up for auction here, we would come down on the seller like a ton of bricks. They wouldn't last a day. What do Sedo do? Nothing, except say "this is an IDN". Which is the more responsible approach?

I'm all for "caveat emptor" but Sedo, in providing a platform for these domains to be sold have a corporate responsibility as well.

If there was a direct solution possible I would be in favor of it but that approach doesn't exist, the practical measures that are reasonable have to do with further indications specifying for example whether something is a mixed script domain or not. If sedo wants to take measures as to the meaning/language of the domain it has to do that for all languages, ascii or not and there are practical issues;
- if you upload hundreds of idn's you'll have to specify the language for all of them
--> you will mostly likely refrain from doing that and sedo is unlikely to verify it if you don't.
- if something is a valid mixed script domain it will most likely deter any possible buyer if a so-called red flag is put up
- if an english word is given accents it doesn't invalidate it for one and second it might just be real term in a different language
- I formal stance against phishing domains means a stance against typo's

It boils down to it being highly impractical for sedo to actively uphold anti-phishing measures, it will negatively affect all idn's and sedo will certainly fail in upholding it.

blastfromthepast
18th February 2007, 12:44 PM
The ultimate solution involves Europeans giving up Latin script for something more distinctive and less fishable.

domainguru
18th February 2007, 12:54 PM
If there was a direct solution possible I would be in favor of it but that approach doesn't exist, the practical measures that are reasonable have to do with further indications specifying for example whether something is a mixed script domain or not. If sedo wants to take measures as to the meaning/language of the domain it has to do that for all languages, ascii or not and there are practical issues;
- if you upload hundreds of idn's you'll have to specify the language for all of them
--> you will mostly likely refrain from doing that and sedo is unlikely to verify it if you don't.
- if something is a valid mixed script domain it will most likely deter any possible buyer if a so-called red flag is put up
- if an english word is given accents it doesn't invalidate it for one and second it might just be real term in a different language
- I formal stance against phishing domains means a stance against typo's

It boils down to it being highly impractical for sedo to actively uphold anti-phishing measures, it will negatively affect all idn's and sedo will certainly fail in upholding it.

You make it sound so difficult :confused:

For me, it is no more difficult than on another website somebody reporting a "bad link" or similar.

Sedo have received dozens of complaints about these domains. All they have to do is investigate the complaints, and decide to suspend the auctions. Why all the amazingly complicated talk above? There are always simple ways to solve issues and complicated ways. You are choosing to come up with complicated ways in order to absolve Sedo. But there are easy ways. If Sedo continue with their "head in the sand" approach, it will damage them more than they know.

bwhhisc
18th February 2007, 12:55 PM
Let's put it this way. If those domains were put up for auction here, we would come down on the seller like a ton of bricks. They wouldn't last a day. What do Sedo do? Nothing, except say "this is an IDN". Which is the more responsible approach?

I'm all for "caveat emptor" but Sedo, in providing a platform for these domains to be sold have a corporate responsibility as well.

Amen.

seamo
18th February 2007, 01:14 PM
If Sedo continue with their "head in the sand" approach, it will damage them more than they know.
And if this day comes, and they do nothing about it, they will have deserved it.

Until then - I want to ask, how damaging to IDN's will this current problem turn out to be?

We are all protective of IDN's, and have a deep respect for languages and other cultures from around this planet. When we see this SEDO behaving in a way we perceive as bad for IDN's, we rightly jump to it's defence and demand action.

But at the end of the day, who ultimately will lose faith in IDN's?

It won't be the local speakers of these languages who have been crying out for them. It won't be the local companies and businesses who see IDN's as the bright new future of the net, ready for investment and development. It wont be the investors who spot a mixed script from a true IDN instantly.

It will be a section of the ascii market who will get swept along in the initial frenzy of IDN uptake and can't be bothered to do their homework on the true value of what they are buying. And as domainguru said earlier - caveat emptor.

I am not saying this to downplay the seriousness of this issue or the importance of tackling it head-on. All I am saying is it is a bump along the road of wider IDN acceptance among the traditional ascii market, and hopefully with proactive commentry from members like sarcle it will be addressed by SEDO sooner rather than later.

JMO

domainguru
18th February 2007, 01:19 PM
And if this day comes, and they do nothing about it, they will have deserved it.

Until then - I want to ask, how damaging to IDN's will this current problem turn out to be?

We are all protective of IDN's, and have a deep respect for languages and other cultures from around this planet. When we see this SEDO behaving in a way we perceive as bad for IDN's, we rightly jump to it's defence and demand action.

But at the end of the day, who ultimately will lose faith in IDN's?

It won't be the local speakers of these languages who have been crying out for them. It won't be the local companies and businesses who see IDN's as the bright new future of the net, ready for investment and development. It wont be the investors who spot a mixed script from a true IDN instantly.

It will be a section of the ascii market who will get swept along in the initial frenzy of IDN uptake and can't be bothered to do their homework on the true value of what they are buying. And as domainguru said earlier - caveat emptor.

I am not saying this to downplay the seriousness of this issue or the importance of tackling it head-on. All I am saying is it is a bump along the road of wider IDN acceptance among the traditional ascii market, and hopefully with proactive commentry from members like sarcle it will be addressed by SEDO sooner rather than later.

JMO

When saying "damaging them" I meant "Sedo" not IDNs :)

Of course stories of "phishing IDNs" don't help IDNs, but in the major markets i.e. Asia, they are basically irrelevant.

seamo
18th February 2007, 01:28 PM
When saying "damaging them" I meant "Sedo" not IDNs :)

I know - that's who I also meant by "And if this day comes, and they do nothing about it, they will have deserved it."

I should have probably then asked "how negative for IDN's will this current problem turn out to be? " instead :)

bramiozo
18th February 2007, 01:32 PM
double

You make it sound so difficult :confused:

For me, it is no more difficult than on another website somebody reporting a "bad link" or similar.

Sedo have received dozens of complaints about these domains. All they have to do is investigate the complaints, and decide to suspend the auctions. Why all the amazingly complicated talk above? There are always simple ways to solve issues and complicated ways. You are choosing to come up with complicated ways in order to absolve Sedo. But there are easy ways. If Sedo continue with their "head in the sand" approach, it will damage them more than they know.

That would only be symbolic and you know it, I am talking about the difficulties of a policy to prevent phishing domains from being sold regardless of any complaints, in
the end it depends on the knowledge of the buyer.

rhys
18th February 2007, 03:34 PM
Caveat Emptor is always in place so it isn't worth talking about. It's like saying that to sue is one's recourse when one is wronged.

Perhaps I was just misinformed but I was under the impression that there exists a machine arbitraded way for SEDO or anyone to determine IDN language and or whether it is mixed script. If none exists then I understand their position though I think that SEDO has taken the low road and should be treated by enforcement officials as a key marketplace for phishing domains on the web. If however a simple machine arbitrated way does exist, then SEDO is negligent because such information is critical and because of the real economic damage that phishing does to industry as a whole and most certainly to individuals.

Giant
20th February 2007, 05:00 PM
First off, IDN is a technological term which has no restriction on what is and what is not a "real" IDN, if it fits the technological description, it is an IDN, period.

Wrong!

IDN is NOT a technological term. IDN (or International Domain Name) is the name of a product, same as TV (or television) the consumers use everyday. The main technological term involved that creates IDN is Punycode Scheme, and some of its smaller terms are IDNA protocol, Nameprep (RFC 3491)....

Let's compare these:

Television and Flat Television
vs
Domain Name and International Domain Name

"Flat" or "International" is only a modifier to set limit to the name it modifies. If "TV" or "Domain Name" is not technological term then "Flat TV" or "IDN" is NOT either.

The technologies we use to make TV have changed in the last few decades, but we still call these magic screens TV because it's the name of a consumer product, not a technological term.

We used a set of rules of Race Code (bq--) to create IDNs between 2000 - 2003 and we switched to Punycode Scheme (xn--) after 2003, but the name IDN remained the same because IDN is a product name for internet users and NOT A TECHNOLOGY.

Phishing domains should not be called IDN because they are NOT what the consumers want as a product. The proper name for phishing domains is exactly PHISHING DOMAIN.

bramiozo
20th February 2007, 05:39 PM
Wrong!

IDN is NOT a technological term. IDN (or International Domain Name) is the name of a product, same as TV (or television) the consumers use everyday. The main technological term involved that creates IDN is Punycode Scheme, and some of its smaller terms are IDNA protocol, Nameprep (RFC 3491)....

Let's compare these:

Television and Flat Television
vs
Domain Name and International Domain Name

"Flat" or "International" is only a modifier to set limit to the name it modifies. If "TV" or "Domain Name" is not technological term then "Flat TV" or "IDN" is NOT either.

The technologies we use to make TV have changed in the last few decades, but we still call these magic screens TV because it's the name of a consumer product, not a technological term.

We used a set of rules of Race Code (bq--) to create IDNs between 2000 - 2003 and we switched to Punycode Scheme (xn--) after 2003, but the name IDN remained the same because IDN is a product name for internet users and NOT A TECHNOLOGY.

Phishing domains should not be called IDN because they are NOT what the consumers want as a product. The proper name for phishing domains is exactly PHISHING DOMAIN.

IDN, IDNA, punycode, nameprep; the first is the term for the technology that binds all the other technological terms. The fact that you have committed a special meaning to it, just as I have, doesn't change the fact that IDN simply refers to the technology with which non ascii characters can be used in the url.

Ok, IDN is a term referring to several technologies which enable non-ascii chars in the url, so it is not a technological term as I put it.

Some IDN's are created solely for the intent of phishing whereby the defining feature (namely the representation of non-ascii) of IDN is used for that purpose. We shouldnt deny the truth with self-made definitions of what is and what is not a real IDN because it will only bite us in the ass when surfers will learn that themselves.

IDN's can be used for good and bad, fight the bad, advocate the good.

Drewbert
20th February 2007, 06:26 PM
>We used a set of rules of Race Code (bq--) to create IDNs between 2000 - 2003 and
>we switched to Punycode Scheme (xn--) after 2003

You forgot ra-- dude! :)

Giant
20th February 2007, 11:45 PM
IDN, IDNA, punycode, nameprep; the first is the term for the technology that binds all the other technological terms. The fact that you have committed a special meaning to it, just as I have, doesn't change the fact that IDN simply refers to the technology with which non ascii characters can be used in the url.

Ok, IDN is a term referring to several technologies which enable non-ascii chars in the url, so it is not a technological term as I put it.

Some IDN's are created solely for the intent of phishing whereby the defining feature (namely the representation of non-ascii) of IDN is used for that purpose. We shouldnt deny the truth with self-made definitions of what is and what is not a real IDN because it will only bite us in the ass when surfers will learn that themselves.

IDN's can be used for good and bad, fight the bad, advocate the good.

You still don't seem to have changed your stance on what is or is not IDN. Maybe the method to distinguish IDN is a bit abstract, let me use a live example of bread making procedure to show how we should deal with phishing domains :).

A. Let's call "IDN" a SET of domains that comprises many subSETs of ChineseIDN, FrenchIDN, KoreanIDN... (domains in all scripts or languages in the world except the ASCII domains)
B. Let's call "bread" a SET of breads that comprises many subSETs of FrenchBread, ItalianBread, CanadianBread....

When creating an IDN domain or making a bread involves 3 stages:

A. Creating an IDN domain:
1. Registrar lets User pick the Multilingual character(s).
2. Encode it by applying all the rules, steps, methods of the Punycode
3. User gets an IDN domain (product) recorded in the ASCII Root Server

B. Making a bread for sale:
1. Worker picks the material, ingradient, chemical...
2. Start mixing and baking by a Baking Machine with very advanced baking technology.
3. Display the bread (product) on the shelf for sale to customers.

Now, let's suppose something not normal happened. The bread worker picked too many types of chemicals and the chemical reaction from these chemicals cause the bread to become poisonous.

The consumers refuse to accept these poisonous bread be labeled as "bread" because the French people don't think these are FrenchBread and Italian people don't think these are ItalianBread....

But the bread worker insists that he used the same Baking Machine with the same technology to make these bread and these bread don't look any different and therefore these poisonous bread should still be labeled "bread" for sale.

Now, how should we resolve this dispute? Apparently, something is wrong at stage #1 when the worker making the bread -- picking too many and too much chemicals. Nothing is wrong at stage #2 and stage #3.

From this example I want to show one very important element when deciding whether it is "bread" or not. If it does not fit in with the definition from the CONSUMER'S POINT OF VIEW, it is NOT "bread" even it's made by the same machine and technology.

To prevent such dispute to happen again, the bread worker has to follow the rules for ingradients at stage #1.

We can decide if a phishing domain is IDN or not in the same manner. To prevent the phishing domains to be created, the Registry and Registrars have to tighten the rules for IDN registration. Phishing domains that have already been created by mistake should be canceled just like poisonous "bread" should be pulled from the shelf and destroyed. Just like bread vendors should not withhold info of "problem" bread, Sedo should not withhold info of phishing domains and label them "IDN" to help scammers to defraud buyers.

Conclusion: A domain starts with "xn--" but does not belong to any subset(s) of the SET "IDN" is NOT IDN.

>We used a set of rules of Race Code (bq--) to create IDNs between 2000 - 2003 and
>we switched to Punycode Scheme (xn--) after 2003

You forgot ra-- dude! :)

Yes, I forgot, but did I have to remember it? :-)

Wot
20th February 2007, 11:54 PM
Another step forward?

Below is what you get if you click on thename for info or to bid.



traffìc.com is on auction

Domain Name without content.
Important Notice: This is a Multi-Lingual (IDN) Domain.
Technically you are acquiring the domain xn--traffc-0va.com

Pretty clear now although they will need to add language /translation to complete the package.

Also the Google results claimed for this name are bullshit.

Drewbert
21st February 2007, 01:50 AM
Whoever built the user interface at Sedo should be taken out the back an introduced to Mr Bat.

If the domain is longer than about 10 chars, they don't display the whole domain, they put a ... at the end, and you can't even tell what the domain is when you mouse over it looking at the status bar.

The stupid. It hurts.