On Friday 22nd January 2016, I formally gave 30 day notice to Nominet for the closure of my registrar account. This post details the reasons for this.
Nominet contacted me stating that they were going to link my registrar account with that of my employer due to their “connected persons” section of their AUP. I should note that I had never seen this section before, so it must have been added since I became a registrar.
I contacted them detailing that my personal account was for the express purposes of keeping my private and business life separate… including that I go as far as to have provider independant IP address space, my own Autonomous System, BGP routers and servers – all separate from my employer. I stated the fact that I had been (save for a short break) a Nominet member for longer than I had been an employee of my current employer too.
In response I received:
I have spoken with our legal team with regards to your information, however, they have advised that we need to link the services in regards to the acceptable use policies (Anti-avoidance and Connected Persons link below).
Obviously my employer would be rather upset if anything I could do in my personal capacity could affect them in any way (it’s a fair expectation of an employee), so I was left with no alternative but to serve notice on my registrar account with the minimum possible term (30 days)
Nominet’s AUP (whenever it was added/updated) contains the following description of connected persons:
A person is ‘connected’ to another person if:
- they are the same person, have the same Nominet account, or have connected memberships under the voting rights policy;
- they make any declaration that they are connected or when challenged by us they fail to make a declaration in the reasonably required legal form that they are not connected;
- they have social, family, ownership or business links (directly or indirectly) which mean that they either:
- do not appear to operate truly independently of one another, or
- it could reasonably be assumed that they will not operate truly independently of one another; or
- the object or effect of their activities is such that we reasonably think that not linking them would compromise one or more of the AUP Principles.
For the purposes of (2) we may decide that two parties are not connected even if one declares that they are, if the other disputes this and our investigations support the denial (so, for example, you cannot just declare that you are linked to another person and then use all their limit up to disrupt their business).
For the purposes of (3) there is a strong presumption that:
- group companies (or other businesses) are connected to other businesses in the group;
- a company and its employees/officers/partners are connected to one another;
- members of the same family group are connect to each other (including in-laws, co-habitees, civil partners, adopted children and others who may not have a relationship by blood but who are part of the family group); and
- a business owned, run or ultimately controlled by one member of a family is connected to a business owned, run or ultimately controlled by another member of the same family.
The final decision rests with us. When deciding whether to link people under (2) to (4) above, we will take into account the AUP principles.
I’m unhappy with so many things in the above snippet that I don’t even know where to start…
In short, Nominet have lost my annual membership fee (i’m sure they won’t be concerned about this given that they make more profit than their non-profit status allows anyway), but also one of their last registrars who had implemented their entire feature set.
I have recommended to any people with domains on my account to migrate to another registrar ASAP. For those without a preferred registrar, I have suggested PortFast as they appear to have a similar feature set to that I had offerred.
This follows a disturbing trend within Nominet which I wont go into in this post. Feel free to use your favourite search engine to lookup recent events at Nominet if you want to read further.
In an age where ICANN are dishing out new TLDs constantly, you would expect Nominet to be trying to strengthen the .uk brand but instead recently it seems to be trying to harm it.
In light of this, I have been considering migrating my main domain name away from the .uk namespace to one of the more level-headed registries.
I’ve been a user of your RBL (tor.dan.me.uk) for about 2 years now. I stopped in to see if there were any new developments or changes to the RBL, and noticed your posting about Nominet, and your considerations of moving to a different TLD.
I’ve used ‘DotEarth’ for my registrar services for over a decade now, and it’s been consistently inexpensive… although, I’m not sure DotEarth would be the right fit for your needs if you plan to continue being a registrar yourself…. that would be beyond my knowledge in regard to what services or partnerships they offer.
Another caveat to consider with DotEarth is that DotEarth is what I like to think of as a minimal or ‘just-enough’ service, meaning that while I perform my domain registration through them, I don’t use any other services they might offer, such as DNS hosting (because I host my own DNS, both internally and externally). DotEarth *does* offer that, but I prefer managing my own full implementations of BIND and using my own tools to manage it, rather than being stuck with whatever a provider can muster.
Anyway, I’m not sure if this would be what you’re needing or even considering, but I figured I’d make the suggestion.
I really appreciate the RBL service that you created. However, I’m not entirely sure that I’m using it correctly… I have been using it as a normal RBL within my email server’s Postfix configuration, along with zen.spamhaus.org, b.barracuda.org, and the greater majority of the individual ccTLD-RBLs from ‘.countries.nerd.dk’. I can’t recall having ever seen a log entry saying that a host was blocked via ‘torexit.dan.me.uk’. Is it possible to use it this way as I’ve described, or should I be using your RBL differently? Is there a method for integrating your RBL with either spamassassin or postfix?