New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
DENIC (.de Domains) requests verification of domain owner data
The German domain registry DENIC has begun a large-scale verification of contact data for .de domains. This move is driven by the implementation of the European NIS 2 directive, specifically through amendments to the German BSI Act.
DENIC is not contacting all owners. Instead, they are targeting a "single-digit percentage" of records flagged as potentially incorrect or incomplete. Owners must verify their name (and legal form for entities), postal address, phone number, and email address. Verification methods include PostIdent, Photo-Ident, and Video-Ident, as well as uploading official documents or verification via a postal verification code.
Source: Heise.de
Comments
the pig-state is tightening the reins!
Not much new there, .de has always sucked. Typical German passport please! nonsense.
Well, I guess it's about time to let go my last and only de domain ...
Oh, and FUCK denic and FUCK the eu regime!
Its cool how they already support the EU's digital ID garbage, when even the lite trojan horse version (aka age verification app) is still a couple months off and the full scale disaster is still postponed until next year. The future will be seriously funny. Well, at least the TLDs used by normal persons will be funny.
Wow... Shocking... Registry wants you to have complete and accurate information? This is communism.
EUdSSR - even the dumbest person should realize that by now!
!!!
I love the EU less and less.
Really you just need to get used to the idea that anything you do online is going to require official documents even up to video kyc. We'll be pushed into smaller and smaller boxes for "unverified" usage until you have no choice left.
I don't really see how you stop this.
Very good point. That is pretty much the impression i get too. Its hard to say how long it will take exactly but the direction is 100% obvious. Given it is currently not just a bunch of isolated pushes by lone actors chances are it will reach its destination rather sooner than later though.
Yeah, actually stopping it would need some kind of major political will and this will is already hard at work but in the very much opposite direction. As far as some kind of protest movement is concerned i just don't see it happening in today's largely apathetic/ignorant climate and even if it would happen there would have to be a metric fuckton of it to make even the tiniest bit of actual impact.
The worst part about this whole situation is how each and every step makes organizing any kind of push back harder and therefore more unlikely to happen. The single bits and pieces might look rather innocent(-ish) in a vacuum but from a macro perspective there is a massive amount of control about to come.
My personal (not very optimistic) view is that at some point the remaining i-am-not-showing-ID crowd will move into the various darknets. Well, at least until those get outlawed and finally technically blocked (i figure its a pretty safe bet if something like this would gain any real traction).
Yeah and the bigger issue is that 99.99% people will not bother about it. Even if some people try to resist, the vast majority will accept the tradeoff in the name of convenience or work.
And even if the i-am-not-showing-ID crowd eventually moves to darknets assuming those arent heavily restricted, its hard to see what that actually changes in practice. If most essential services, communication platforms, payments become centralized and identity linked, then a few thousand people operating outside that system wont even have any practical use cases left.
Pretty much. Chances are that if the overall population cared about these types of issues we wouldn't be at this point to begin with.
Well, kind of, i guess. At least the difference probably isn't massive. The various bubbles are already quite isolated anyways but there's at least a little bit of overlap now and then, which i guess would almost completely disappear at that point.
Also the technical convenience will likely push ID checks into hard to avoid areas where it wasn't customary due to the added inconvenience. I figure holding smartphones in front of NFC devices and/or scanning codes would become a rather common occurrence.
Yeah, domains (especially .de ones lol) would probably not see much use outside the general population anymore.
Idiocracy meeting diktatura ...
I kind of missed the outcry from you guys over this. Did all of you cancel your .com domains, and do you call for the death of the United States of America?
The problem with democracy is that > 85% of voters are not particularly bright (plus easily remote controllable)
DENIC became the bad person of the week!
Lol, yeah not sure what they're crying about. Been in place like that for just about any generic TLD.
Usually not really a big issue. Registrar verifies your data, if they can, no-issue with the registry, no verification.
Usually you trust your registrar with your data. If you don't ...
Then again, if fake or unverified data is provided, you don't 'own' the domain which will be an issue if someone tries to hijack it. No fun when you operate something worthwhile.
You could opt for HNS... But yeah... That's a rugpull.
This is the difference that caught my eye
I've never had to show id picture or (lol) video to verify a .com, every verification I've ever done is simply not respond to the email asking if my info is correct.
Could you point me to the part where the yearly spaceship email asks for my digital ID, video ident, or a slew of similarly invasive identity verification methods?
You guys mix up registrars with registry.
The verification is with the registrar, not the registry. Denic doesn't need Id. That's due to the registrar.
Denic only needs name, address and phone number.
Edit: verification method is up to the registrar.
So yeah, just like generic TLDs.
Huh? The article clearly states that you'll need to verify identity using the shown methods (digital ID, video ident, post ident, ...)? None of this is done by either VeriSign or (in my case) spaceship?
The article is actually referencing DENIC, though it does point out that stage is a last resort if you didn't correct the glaring errors they found (initial comms will be the standard email from registar).
Interestingly it does seem to say they only looked for things like non-existent addresses. So actual addresses that just aren't yours might skate. I don't know who would do a thing like that anyway, but yea.
Just read the denic email...
So much misinfo in this thread it's insane.
Same with all generic TLDs. They want whois verification as well. If you don't, and get flagged, they'll put you on server hold just the same.
Edit: Usually actually being in control of the domain tech email would suffice.
Again huh? That's seemingly just the mail the article talks about after which "you can start the verification". Yeah, that might happen at the registrar but its not like i really care if denic does KYC or if they force the registrar into doing it. The last line of the email actually says: "Request (not 100% the correct word but probably closest by meaning) the verification of your contact information until X".
To be fair in the lower right corner of the picture with the verification methods where they talk about "verification by postal address" there is a weirdly worded part about "email" that could suggest that verifying your contact data via email might be possible. I'd rather expect you to have to receive a code by snail mail to verify by email or something similarly stupid though. The part is very unclear and just checking the email to confirm something that might be 100% bogus would basically make the whole thing pointless.
To be even more fair: Its not like i really care all that much one way or another. I haven't had any .de domains for a very long time and i don't plan to get any. That doesn't change anything about how in my opinion Germany can go suck it, its institutions can go suck it and the EU can go suck it too though
To be super extra uber fair: Denic has always been super anal when they suspected something fishy. Them sending this to heise.de (which highly likely isn't registered using fishy data) suggests this isn't the case here though.
Yes. German registrars and hosts can be very anal about stuff. They're like like that. It's a culture thing I suppose. You'll get used to it when residing in Germany a lot
I had to verify at my registrar once for denic, it was a simple email confirmation.
So the method is on the registrar, just like it would be with any other tld.
Difference being, Germans are a bit more thorough if you unlucky/lucky , depending on your objectives:)
I think allergic would be more fitting.
For the checkup thing the article is about?
I still don't see how you infer that from the data provided (the list of options has only that one unclear line among the part that is really about verification by postal address after all) but like i said, my care is limited.
Hmmm, maybe
Lol, it's like... Gotta get priorities straight... Bit anal about stuff but you know... The beer... The meat... The Mädchen.... The Lederhosen.
On topic:
Some might actually require postal confirmation yes. I once had to cancel a server by snail mail. And forget about doing it last second... 30 days in advance or you screwed.
Then again, they're also very serious about refunds. Almost everything is prorated to the second.