Autorisatiecode

• Moet aangemeld zijn als domeineigenaar
• Toegang tot admin contact e-mail
• Kan 2FA authenticatie vereisen

✓ Domain unlocked (transfer lock disabled)
✓ Not in redemption period
✓ No active UDRP dispute
✓ Not within 60 days of registration or previous transfer
✓ Admin email verified and accessible

• Geen uitstaande betalingen
• Rekening in goede staat
• Geen beveiliging.

Het domeinoverdrachtsproces

Stap-voor-stap overdracht met Auth-code

Day 0:
1. Unlock domain
2. Disable WHOIS privacy (temporarily)
3. Verify admin contact email is accessible
4. Obtain auth code
5. Document current DNS settings

Day 0:
1. Start transfer process at new registrar
2. Enter domain name
3. Provide auth code
4. Confirm admin contact email
5. Pay transfer fee (typically includes 1-year extension)

Day 0-1:
1. Email sent to admin contact
2. Approve transfer via email link
3. Current registrar notified
4. 5-day approval window starts (or immediate with approval)

Day 1-7:
1. Current registrar approves (or auto-approves after 5 days)
2. Domain transfers to new registrar
3. Registration extended by 1 year
4. Transfer complete

Transfertijdlijn

Immediate:    New registrar receives request
Day 0-1:      Approval email sent to admin contact
Day 1-5:      Waiting period (unless manually approved)
Day 5:        Auto-approval if current registrar doesn't respond
Day 5-7:      Transfer completes

Auth-codebeveiliging

Waarom Auth-codes noodzakelijk zijn

Zonder auth codes, domein kaping zou triviaal zijn:

Without Auth Code:
Attacker initiates transfer → Domain stolen

With Auth Code:
Attacker initiates transfer → Requires auth code → Blocked

Uw Auth-code beschermen

Beveiligingswaarschuwingen

Fake Email:
"Your domain is expiring! Provide your auth code to renew."

Legitimate Email:
Never asks for auth code unless YOU initiated transfer.

• Aanvallers kunnen zich voordoen als support aanvragend auth code
• Controleer altijd via officiële registrar kanalen
• Geef nooit een auth code aan iemand die beweert "ondersteuning" te zijn

Veelvoorkomende Auth Code issues

Probleem: Auth-code werkt niet

• Typo in code vermelding (lettergevoelig)
• Domein nog steeds vergrendeld
• Code verlopen of geregenereerd
• Whois privacy ingeschakeld
• Verkeerde domeinnaam ingevoerd

1. Double-check exact code (copy/paste)
2. Verify domain is unlocked
3. Request fresh auth code
4. Disable WHOIS privacy temporarily
5. Confirm domain spelling

Probleem: kan geen Auth-code verkrijgen

• Domein vergrendeld
• Recente registratie (< 60 dagen)
• Betalingsproblemen
• Beveiligingsstand
• Beperkingen van de griffier

1. Check domain lock status: dig example.com | grep clientTransferProhibited
2. Verify 60-day eligibility
3. Resolve outstanding payments
4. Contact registrar support for holds
5. Review registrar transfer policies

Probleem: E-mail niet ontvangen

• Spammap filteren
• Onjuiste admin email
• Email forwarding problemen
• Vertraging door de griffier

1. Check spam/junk folder
2. Verify admin contact email in WHOIS
3. Wait 1-2 hours
4. Request resend
5. Update contact email if incorrect

Auth Code vs Transfer Lock

Transfer Lock (Registrar Lock)

Aparte beveiligingsfunctie:

Transfer Lock: Prevents transfer initiation at registrar level
Auth Code:     Proves authorization when transfer is initiated

Both Required for Secure Transfer:
1. Unlock domain (disable transfer lock)
2. Provide auth code (prove authorization)

Domeinstatuscodes

EPP-statuscodes voor overdrachten:

clientTransferProhibited  → Transfer locked by registrar
serverTransferProhibited  → Transfer locked by registry
transferPeriod            → Currently transferring

# Check status:
whois example.com | grep -i transfer

Speciale overdrachtscenario's

Premiumdomeinen

Premium domeinen kunnen hebben:

• Hogere transferkosten
• Aanvullende controlevoorschriften
• Verlengde goedkeuringstermijnen
• Speciale auth code ophalen proces

Verlopen domein

Auth-codes voor verlopen domeinen:

Grace Period:       Auth code still available
Redemption Period:  Must restore before transfer (high fee)
Pending Delete:     No transfers allowed

Meerdere domeinoverdrachten

Overwegingen inzake bulkoverdracht:

# Obtain auth codes for all domains
for domain in domain1.com domain2.com domain3.com; do
  echo "Auth code for $domain: [request from registrar]"
done

# Organize codes securely
domains_authcodes.txt:
domain1.com → Xy8#kL2$pQ9m
domain2.com → Mz3%nB5@hR7k
domain3.com → Pq4&vN8!dS2w

Controle van de overdraagbaarheid

Checklist voor verzending

# 1. Check domain lock status
whois example.com | grep -i "Status:"

# 2. Verify registration date
whois example.com | grep -i "Creation Date:"

# 3. Check last transfer date
whois example.com | grep -i "Updated Date:"

# 4. Verify admin email is accessible
whois example.com | grep -i "Admin Email:"

# 5. Confirm DNS is documented (for continuity)
dig example.com ANY

DomScan gebruiken

curl "https://domscan.net/v1/health?domain=example.com"

# Returns transfer eligibility information:
# - Lock status
# - Registration date
# - Transfer lock details

Beste praktijken

Vóór overdracht

- DNS records

- E-mailinstellingen

- SSL-certificaten

- Naamservers

24-48 hours before transfer, set TTL to 300 seconds

   Allows quick DNS changes if needed

- Zonebestand exporteren

- Screenshot DNS-instellingen

- MX- en TXT-records opslaan

Tijdens overdracht

Na overdracht