Latest news of the domain name industry

Recent Posts

Sedo’s cunning GDPR workaround

Kevin Murphy, May 23, 2018, 09:23:21 (UTC), Domain Services

With full Whois records set to disappear from public view for most domain names this Friday, auction house Sedo has had to resort to some technical trickery to enable its users to prove they own the domains they list for sale.

Until now, when listing a domain at Sedo, the company has checked whether the Whois record matches the data it has on file for the customer.

With that no longer possible in many cases, Sedo told users yesterday it instead wants them make updates to their DNS records, which will obviously remain public data post-GDPR.

Sedo will give each customer a personal identification number, which they will have to add to the all-purpose TXT field of their domain’s DNS record.

That’s a fairly straightforward process at most registrars, though volume domainers had better hope their registrar of choice allows DNS changes to be made in bulk.

Sedo’s calling the process “Owner Self-Verification”.

Customers who do not use the system will have to wait three business days before their names are verified. Sedo said it will manually spot-check domains and may ask for other forms of proof of ownership.

UPDATE: Many thanks to all the people on Twitter telling me this system has been in place for years. You’re all very clever. Your cookies/cigars are in the mail.

Tagged: , , , ,

Comments (5)

  1. GDPR is the devil says:

    SSL certificate providers have been doing this for years. Many hosting providers who are not registrars also do something similar.
    Privacy doesnt prevent you from proving ownership. It never has. Sedo are simply late to the party. You can decide if its fashionably late or lazy.

    The new regime amongst registrars and registries will only prevent unsolicited domain ownership validation.

  2. Michael M says:

    No offense, but Sedo has had the option for DNS verification for many years. They are only having to fall back to it as a primary verification method, instead of a secondary one.

    There is nothing cunning about what Sedo is doing. Business as it has always been.

    This is not really news beyond the fact that GDPR is happening.

  3. Don says:

    I’m still trying to wrap my head around the true ramifications of the loss of the full Whois. It’s basically going to be useless in a couple of days. What will become of the countless businesses that rely on that data as their business model, or those businesses that incorporate it for in their business processes? Sedo did the only thing they could do – adapt. I’m sure other businesses will try to find ways to adapt too, but for those wholly reliant on full access to Whois, they’re out of luck.

    Personally, I’d rather have seen ICANN null registrant info for EU related ccTLD’s, and any other domain containing contact info tied to an EU address, and leave everything else alone.

  4. Acro says:

    Kevin, this has been in place for years. As in, at least five years.

  5. Mark Thorpe says:

    I’ve been having to do this with my GoDaddy domains for awhile now, when listing them on Sedo.

Add Your Comment