U.S. patent application number 11/008610 was filed with the patent office on 2006-07-27 for private domain name registration.
This patent application is currently assigned to Network Solutions, LLC. Invention is credited to Charles Joseph III Brennan.
Application Number | 20060168020 11/008610 |
Document ID | / |
Family ID | 36698231 |
Filed Date | 2006-07-27 |
United States Patent
Application |
20060168020 |
Kind Code |
A1 |
Brennan; Charles Joseph
III |
July 27, 2006 |
Private domain name registration
Abstract
A service for protecting the privacy of domain name registrants
while preserving the registrant's ability to directly change the
registration information or transfer the registration. A whois
record is created that reflects the registrant's actual identity
but contains contact information that is entirely associated with a
privacy service.
Inventors: |
Brennan; Charles Joseph III;
(Reston, VA) |
Correspondence
Address: |
KENYON & KENYON LLP
1500 K STREET N.W.
SUITE 700
WASHINGTON
DC
20005
US
|
Assignee: |
Network Solutions, LLC
|
Family ID: |
36698231 |
Appl. No.: |
11/008610 |
Filed: |
December 10, 2004 |
Current U.S.
Class: |
709/206 |
Current CPC
Class: |
H04L 29/12047 20130101;
H04L 51/12 20130101; H04L 61/15 20130101; H04L 29/12009 20130101;
H04L 61/302 20130101; G06F 21/56 20130101; H04L 51/28 20130101;
H04L 61/303 20130101; G06F 21/60 20130101; H04L 61/3015
20130101 |
Class at
Publication: |
709/206 |
International
Class: |
G06F 15/16 20060101
G06F015/16 |
Claims
1. A method for protecting the privacy of a registrant of a domain
name, comprising configuring a whois record such that the
registrant name displayed in the whois record is the actual
registrant name and the contact information displayed in the whois
record is entirely alternate contact information.
2. The method of claim 1, wherein correspondence received at an
alternate contact is forwarded to a registrant contact in
accordance with a predetermined rule.
3. The method of claim 2, wherein postal correspondence received at
an alternate contact is scanned and forwarded to a registrant
e-mail address.
4. The method of claim 1, wherein an e-mail message received at an
alternate e-mail address is scanned and forwarded to a registrant
e-mail address if it is determined not to be SPAM and if it is
determined not to contain malicious code.
5. An apparatus for protecting the privacy of a registrant of a
domain name, comprising: a processor; a memory coupled to said
processor, said memory storing a whois record for a domain name
registration wherein the registrant name of the whois record is the
actual registrant name and the contact information of the whois
record is entirely alternate contact information.
6. The apparatus of claim 5, wherein said instructions are further
adapted to be executed by said processor to perform steps
including: receiving an e-mail message addressed to an alternate
e-mail address listed in a whois record; scanning the e-mail
message for SPAM; and forwarding the e-mail message to an e-mail
address specified by the registrant if the message is determined
not to be SPAM.
7. The apparatus of claim 5, wherein said instructions are further
adapted to be executed by said processor to perform steps
including: receiving an e-mail message addressed to an alternate
e-mail address listed in a whois record; scanning the e-mail
message to determine if the message contains malicious code; and
forwarding the e-mail message to an e-mail address specified by the
registrant if the message is determined not to contain malicious
code.
8. The apparatus of claim 5, wherein said instructions are further
adapted to be executed by said processor to perform steps
including: answering a telephone call to an alternate telephone
number; and providing a prerecorded message to the calling
party.
9. A method for managing a domain name registration, comprising:
receiving from an applicant a request to register a domain name;
storing the name of the applicant and applicant contact information
correlated with alternate contact information for the domain name
registration; and causing the domain name to be registered with the
applicant name as the registrant name and with contact information
that is entirely alternate contact information.
10. A medium storing instructions adapted to be executed by a
processor to perform steps including configuring a whois record
such that the registrant name displayed in the whois record is the
actual registrant name and the contact information displayed in the
whois record is entirely alternate contact information.
11. The medium of claim 10, wherein said instructions are further
adapted to be executed by said processor to forward correspondence
received at an alternate contact to a registrant contact in
accordance with a predetermined rule.
12. The medium of claim 10, wherein said instructions are further
adapted to be executed by said processor to scan and forward to a
registrant e-mail address postal correspondence received at an
alternate contact.
13. A medium storing instructions adapted to be executed by a
processor to perform steps including: receiving from an applicant a
request to register a domain name; storing the name of the
applicant and applicant contact information correlated with
alternate contact information for the domain name registration; and
causing the domain name to be registered with the applicant name as
the registrant name and with contact information that is entirely
alternate contact information.
14. A system for protecting the privacy of a registrant of a domain
name, comprising: means for receiving from an applicant a request
to register a domain name; means for storing the name of the
applicant and applicant contact information correlated with
alternate contact information for the domain name registration; and
means for causing the domain name to be registered with the
applicant name as the registrant name and with contact information
that is entirely alternate contact information.
15. A method for protecting the privacy of a registrant of a domain
name, including: sending from an applicant a request to a register
a domain name; and causing the domain name to be registered with
the applicant name as the registrant name and with contact
information that is entirely alternate contact information.
16. A medium storing instructions adapted to be executed by a
processor to perform steps including: sending from an applicant a
request to a register a domain name; and causing the domain name to
be registered with the applicant name as the registrant name and
with contact information that is entirely alternate contact
information.
Description
BACKGROUND OF THE INVENTION
[0001] The Internet Corporation for Assigned Names and Numbers
("ICANN") governs the registration of certain types of domain names
on the Internet. It accredits registrars and promulgates policies
on domain name registration. One of its policies mandates that each
registrar maintain a publicly-accessible database (a "whois"
database) that lists the name of, and contact information for, each
of registrants for each domain name registered at that registrar.
See ICANN Registrar Accreditation Agreement, Approved May 17, 2001,
Section 3.3.
[0002] An example of a portion of a domain name registration record
in a whois database is shown in FIG. 1. Registrant information 101
of domain name 102 includes the registrant name 103, postal mail
address 104, telephone number 105. The administrative and technical
information 106 includes the administrative contact name 107 and
technical contact name 108, administrative contact e-mail address
109, technical contact e-mail address 110, administrative contact
telephone number 111 and technical contact telephone number
112.
[0003] A registrant may wish to keep private certain of the
information that is publicly available in the whois database, such
as telephone numbers, e-mail addresses, mail addresses, etc. For
example, publicly available e-mail addresses in the whois database
are mined by SPAMmers. As a result, such e-mail addresses can
receive substantial amounts of unsolicited commercial e-mail
("SPAM"). In response to the need to keep domain name registration
information private, certain registrars offer services designed to
shield such information.
[0004] One known domain name registration privacy service called
SPAM Shield is offered by the registrar Dotster, Inc. The SPAM
Shield service replaces a registrant's e-mail address in a whois
record with a SPAM Shield e-mail address. E-mail received at the
SPAM Shield address is filtered for SPAM before being forwarded to
an e-mail address designated by the registrant. To further confound
data miners, the SPAM Shield e-mail address in the whois record is
changed every ten days.
[0005] Another known domain name registration privacy service is
offered by Domains by Proxy, Inc. The registrant of a domain name
subscribes to the Domain by Proxy service, which replaces all of
the registrant's registrant, administrative and technical
information in the whois entry for the domain name registration
with Domain by Proxy information. FIG. 2 shows a comparison of
publicly available whois information 201 and what is shown when the
registrant subscribes to the Domains by Proxy service 202. Domains
by Proxy is contractually bound to the subscriber to dispose of the
domain name registration in accordance with the subscriber's
instructions.
[0006] The Domains by Proxy service is described in International
Patent Application numbers WO 2004/029821, "Proxy E-mail Method and
System" and WO 2004/021203, "Method and System for Domain Name
Registration and E-mail by Proxy." The registrant essentially
transfers the domain name registration to Domains by Proxy. The
registrant thereby becomes a "subscriber" to the privacy service,
which is contractually bound to act at the subscriber's behest as
the registrant of the domain name.
[0007] When correspondence is addressed to the registrant of the
domain name, the Domains by Proxy service offers to forward it to
the subscriber. First class postal mail (other than legal notices),
"junk" mail or other unsolicited communications (regardless of
their mode of delivery) are discarded or returned to the sender by
the privacy service.
[0008] Domains by Proxy creates an e-mail address that is
accessible to the subscriber for each registered domain name
("DOMAIN_NAME") of the format DOMAIN_NAME@domainsbyproxy.com (the
"DBP account"). E-mails received at each such address are either
forwarded to the subscriber as-is; filtered for SPAM and forwarded;
or discarded, as elected in advance by the subscriber.
[0009] When Domains by Proxy receives certified or traceable
courier mail or legal notices addressed to the subscriber's contact
information found in his domain name registration, it sends an
e-mail message to the subscriber's DBP account. The e-mail message
identifies the sender of the correspondence, the date Domains by
Proxy received it, and a brief description of its contents. The
subscriber is given seventy-two hours to decide whether to reject
the correspondence or have it forwarded via overnight courier,
facsimile, or both, at the subscriber's expense. Should the
subscriber not respond to the Domains by Proxy e-mail message,
Domains by Proxy attempts to contact the subscriber via telephone.
If the subscriber does not respond and is unreachable, Domains by
Proxy reserves the right to immediately reveal the subscriber's
identity and/or cancel the subscriber's private registration
service. In that case, the subscriber once again becomes the
registrant of the domain name, and the whois directory reverts to
displaying the registrant's true registration name and contact
information, including the registrant's identity, postal address,
e-mail address and phone number.
[0010] In the Domains by Proxy scheme, making changes to the domain
name registration can be cumbersome because Domains by Proxy is the
registrant, albeit contractually bound to act in accordance with
the subscriber's instructions with regard to the domain name
registration. Thus, the subscriber cannot directly make any changes
to the registration or registration information, e.g., using the
registrar's account management utilities. Rather, the subscriber
must instruct Domains by Proxy to make any change, which Domains by
Proxy must then carry out.
[0011] For example, transferring a domain name registration from a
first registrar (a "Losing Registrar") to a second registrar (a
"Gaining Registrar) must be done by the administrative contact or
registered name as shown in the whois record for the domain name
registration. All accredited domain name registrars must comply
with the ICANN Policy on Transfer of Registrations between
Registrars, dated 12 Jul. 2004 ("ICANN Transfer Policy.") The
Policy states, "The Administrative Contact and the Registered Name
Holder, as listed in the Losing Registrar's or applicable
Registry's (where available) publicly accessible WHOIS service are
the only parties that have the authority to approve or deny a
transfer request to the Gaining Registrar. In the event of a
dispute, the Registered Name Holder's authority supersedes that of
the Administrative Contact." ICANN Transfer Policy, Section 1.1.
Ordinarily, transferring a registration is done directly by the
actual registrant of the domain name.
[0012] Thus, only Domains by Proxy can transfer a domain name
registration from a Losing Registrar to a Gaining Registrar. A
subscriber wishing to do so must instruct Domains by Proxy to make
the transfer, and provide the necessary information and
authorization to Domains by Proxy. Alternatively, the subscriber
can cancel its Domains by Proxy service and become the registrant
for the domain name, and then transfer the domain name registration
himself. However, in so doing, his registration information will
become publicly available in the whois record for the domain name
registration.
[0013] A better domain name registration privacy system would
protect the registrant's sensitive information while allowing him
to manipulate the registration (e.g., transfer, change registration
information, etc.) directly, without proceeding through a privacy
service.
SUMMARY OF THE INVENTION
[0014] In accordance with an embodiment of the present invention,
each and every of the postal mail address, telephone number and
e-mail address of a registrant in a whois record can all be changed
to an alternate postal mail address, telephone number and e-mail
address, while the registrant name in the whois record remains the
actual identity of the registrant. The alternate contact
information can point to a privacy service, which can handle
communications addressed to such alternate contacts on behalf of
the registrant. This combination can maintain the privacy of the
registrant contact information, while permitting the registrant to
retain control over the domain name registration, because in this
way, the actual registrant (rather than a proxy service) remains
the legal registrant of the domain name registration. For example,
the registrant can directly approve the transfer of the
registration to a Gaining Registrar in accordance with the ICANN
Policy on Transfer of Registrations between Registrars. A
registrant can also make changes to the registrant information
listed in the whois record directly through the domain registrar's
account manager, without having to act through a privacy
service.
BRIEF DESCRIPTION OF THE DRAWINGS
[0015] FIG. 1 shows a prior art embodiment of a whois record.
[0016] FIG. 2 shows a prior art comparison of whois records using
Domains by Proxy.
[0017] FIG. 3 shows a system in accordance with an embodiment of
the present invention.
[0018] FIG. 4 shows a method in accordance with an embodiment of
the present invention.
[0019] FIG. 5 shows a whois record in accordance with an embodiment
of the present invention.
[0020] FIG. 6 is an apparatus in accordance with an embodiment of
the present invention.
DETAILED DESCRIPTION
[0021] In accordance with an embodiment of the invention, the whois
record for a domain name registration is configured such that the
registrant name reflects the true identity of the registrant, while
the registrant contact information is entirely replaced by
alternate contact information. As used herein, "contact
information" includes postal mail address(es), e-mail address(es)
and telephone number that are displayed in a whois record. A
"contact" is an individual address displayed in a whois record, and
can include a postal address, e-mail address and/or a telephone
number. "Correspondence" is any communication addressed to any
contact information.
[0022] The registrant's actual e-mail address can be replaced by an
alternate e-mail address that can be changed periodically to defeat
data miners. E-mail received at the alternate address can be
filtered for SPAM and/or malicious code (such as viruses, worms,
etc.) and then forwarded to an e-mail address designated by the
registrant.
[0023] The registrant's postal address can be replaced by an
alternate address, such as a Post Office Box maintained by a
registrar. Postal mail addressed to the alternate address can be
handled in accordance with any suitable regime, e.g., depending on
the identity of the sender, the mode of delivery, the content of
the correspondence, etc. For example, United States Postal Service
("USPS") Certified.TM. and Express Mail.RTM. can be opened by the
privacy service and forwarded to the registrant by a variety of
methods. For example, such opened mail can be scanned and forwarded
to the registrant's e-mail account electronically. Such mail can
also be forwarded to a postal address designated by the registrant.
Third Class and Bulk mail can be destroyed upon receipt, unopened.
All other mail can be returned to the sender, unopened.
[0024] A sender list can be maintained for each registrant. The
sender list can include classes of senders with forwarding
instructions. For example, for postal mail, the sender list can
include a "scan and forward" class; a "forward in hard copy" class;
etc. The privacy service can determine what action to take with
regard to a piece of correspondence based upon the class to which
the sender belongs. Examples of an entry in a sender class include
the full name and address of a sender; the name only of a sender;
the corporate affiliation only of a sender; a geographic origin
indicator of the sender (e.g., a zip code, a state, a street name,
etc.) For e-mail, the sender list can include a sender e-mail
address (e.g., phillipz@acme.com); a sender domain (e.g., forward
all e-mail from acme.com); etc. For telephone forwarding, the
sender lists can include originating telephone numbers, which can
be obtained using known caller-ID technology; originating area
codes, etc. If sender information for a given received
communication is not included in a sender list, then a default rule
can be applied, e.g., block the attempted communication with the
registrant. The sender list can be implemented automatically by
storing it in a database that can be automatically queried upon
receipt of an e-mail or telephone call.
[0025] Similarly, a registrant can designate a code (e.g., a
number) that is correlated to a rule specifying the action to take
with regard to the correspondence. Such a code can be included in
the postal address (e.g., attn: 14535); in the subject line of an
e-mail; entered through a telephone keypad at the prompting of an
Interactive Voice Response ("IVR") system; etc. The rule associated
with a code can be "forward immediately"; "forward via first class
mail"; "forward via overnight courier"; etc.
[0026] The alternate telephone number displayed in the whois entry
can be answered by an answering service that instructs the caller
how to contact the registrant. For example, the answering service
can instruct the caller to contact the registrant via a given
e-mail address; a postal address; etc. The provided e-mail and/or
postal addresses can be alternate addresses, such as those
displayed in the whois record. Alternatively, an incoming telephone
number can be forwarded using call-forwarding technology, e.g., if
the incoming call originates from a number that the registrant has
instructed to be forwarded to a given number. The originating
number can be detected by the privacy service using caller-ID
technology.
[0027] The privacy service in accordance with the present invention
can be offered by a domain name registrar directly, or by a privacy
service provide in conjunction with a domain name registrar. A
registrant can cancel the privacy service at any time, in which
case the alternate contact information in the whois record will be
changed to the registrant's contact information.
[0028] An embodiment of a system in accordance with the present
invention is shown in FIG. 3. A registration server 301 is coupled
to a privacy server 302 and a privacy database 303. The
registration server 301 can receive from an applicant 304 a request
to register a domain name using a privacy service in accordance
with an embodiment of the present invention. The registration
server 301 can collect the applicant's 304 name and contact
information, and then can register the domain name (the applicant
304 thus becomes the registrant 304) with the registrant's name and
alternate contact information. A record including the registrant's
304 domain name, name, contact information and privacy services
preferences can be stored at privacy database 302. The registrant's
304 preferences can include a sender list, correspondence
forwarding options, alternate registrant contact information (i.e.,
alternate addresses at which the registrant 304 can be contacted
directly), an indication as to whether the registrant 304 has
elected to have the domain name registration automatically renewed,
payment information (such as a credit card number), etc.
[0029] The registration server 301, privacy server 302 and privacy
database 303 can each be implemented in a different computer, can
be implemented in two computers, or a single computer. The
functions performed by each can be implemented in any way so as
best to suit the needs and capabilities of the implementer.
[0030] Privacy server 302 can include a SMTP e-mail server 305 that
serves as the destination address for e-mail messages sent to an
alternate e-mail address maintained by the privacy service, as well
as computer software for scanning e-mail messages and their
attachments to determine if an e-mail message is likely to be SPAM
or if it contains malicious code. When an e-mail message is
received at the e-mail server 305, the privacy server can query the
privacy database 303 to determine the forwarding instructions of
the registrant. If the registrant has indicated that no e-mail
messages are to be forwarded, then the received e-mail message can
be deleted. If the registrant has provided a forwarding e-mail
address, then the e-mail server 305 can scan the e-mail. If the
e-mail server 305 determines that the message is not SPAM and does
not include malicious code, then the received message can be
forwarded to the registrant in accordance with the registrant's
instructions. If SPAM or malicious code is detected, then the
message can be deleted. A message with a summary of deleted e-mail
messages directed to the alternate e-mail address of the registrant
can be periodically sent to the registrant.
[0031] Privacy server 302 can also include a telephone server 306
adapted to receive telephone calls directed to the alternate
telephone number for a domain name registration. The telephone
server 306 can include an answering service that plays a
pre-recorded message directing the caller to contact the registrant
via other means. It can also include an Interactive Voice Response
("IVR") system for collecting further information from a calling
party and then directing the calling party to alternate contact
means, such as postal mail or e-mail. The telephone server 306 can
also include call forwarding hardware and software. Upon receiving
an incoming call, the telephone server 306 can query the privacy
database 303 and obtain a forwarding telephone number for incoming
calls to a registrant's alternate telephone number. The telephone
server 306 can forward a call to another number.
[0032] If the registrant wants to modify any domain name
registration information, the registrant can change the registrant
name, or selectively or entirely replace any and all alternate
contact information by using an account management tool 307 at the
registration server 301. Similarly, the registrant can transfer the
domain name registration directly by using the account management
tool 307 at the registration server 301.
[0033] A privacy server system 400 in accordance with an embodiment
of the present invention is shown in FIG. 4. Processor 401 can be
coupled to memory 402, which can store privacy instructions 403
that can be adapted to be executed by processor 401 to perform the
method in accordance with an embodiment of the present invention.
For example, privacy instructions 403 executing on processor 401
can receive a request for private registration for a domain name
from a registration server. The request can include the
registrant's name and contact information. The executing privacy
instructions 403 can cause the domain name to be registered with
the registrant's name and entirely with alternate contact
information. Processor 401 can be coupled to port 404.
[0034] The privacy server system can include e-mail server
instructions 405 that can implement SMTP and can include e-mail
scanning software that can detect SPAM 406 and/or malicious code
407. This can be implemented using the same processor 401 and
memory 402 as the privacy instructions 403, or can be implemented
on a separate processor and memory in communication with a privacy
server processor 401 and memory 402. The e-mail server 404 can
include query and forwarding instructions 408 that can query the
privacy database (not shown) to discover forwarding e-mail
addresses and other forwarding instructions, and can forward or
delete e-mail messages. If a message received at the e-mail server
404 is discovered to be SPAM or contain malicious code, it can be
deleted and not forwarded to the registrant.
[0035] The privacy server system can include telephone server
instructions 409 that can receive calls made to a registrant
telephone number, and can include an automatic answering service
instructions 401 that deliver a message to each calling party.
Telephone server instructions 409 can also include query/call
forward instructions 411 that can query the privacy database (not
shown) to obtain consult call-forward rules and obtain call-forward
information, and then forward a call received at an alternate
telephone number to a registrant telephone number. Telephone server
instructions 409 can also include IVR instructions 412 that can
gather additional information from a calling party. Telephone
server instructions 409 can be implemented using the same processor
401 and memory 402 as used by privacy instructions 403, or may be
implemented by a separate processor and memory in communication
with processor 401 and memory 402.
[0036] An example of a portion of a whois record in accordance with
an embodiment of the present invention is shown in FIG. 5. The
actual name of the registrant is shown 501, while the contact
information shown in the whois record is entirely alternate contact
information 502. As can be seen from FIG. 5, the same technique in
accordance with an embodiment of the present invention can be
implemented for the administrative contact. That is, the
administrative contact name 503 can be the actual name of the
administrative contact (rather than some alternate contact
information), while the rest of the administrative contact
information is alternate contact information 504. Likewise, the
technical contact name 505 can be the actual contact name, while
the rest of the technical contact information can be alternate
contact information 506.
[0037] FIG. 6 shows an embodiment of an apparatus 600 storing a
data structure in accordance with an embodiment of the present
invention. The apparatus includes a processor 601 coupled to memory
602 storing a whois record 603 that includes a registrant name 604
that is the actual name of a registrant of a domain name, an
alternate postal address 605, an alternate e-mail address 606 and
an alternate telephone number 607.
[0038] The above description is meant to illustrate and not limit
the scope of the present invention, which is fully defined by the
scope of the claims. Those of skill in the art will recognize that
the above description includes examples of how the present
invention may be implemented, and will understand from the above
description how to implement other embodiments that are within the
scope of the claims
* * * * *