All your comments below on register.cgi are a non-starter. I don't think
this was ever made clear and I have talked with Tom McDonald and Ross Rader
about this program.
register.cgi is not a program that OpenSRS expects or really even wants
people to use in reality. It is an example script of how you might code your
own script to save registrations to your own database and then instantly
register domains with OpenSRS. So I think the point should be that people
should use the other scripts and not really worry too much about
register.cgi since it is more example code than anything else.
Tim Jung
System Admin
Internet Gateway Inc.
tjung@igateway.net
----- Original Message -----
From: "M. Oesterwinter" <marcuso@u.washington.edu>
To: <discuss-list@opensrs.net>
Sent: Thursday, January 06, 2000 3:15 AM
Subject: Thoughts on to do's....
> Here is what I see as priorities and issues that I see for OpenSRS to go
> live (they are listed pretty much from biggest priority to smallest):
>
> 1. reg_system.cgi needs to give users access to nameservers
>
> 2. OpenSRS needs a way to give users access to lost passwords whether it
> be via allowing resellers direct access to records (brings up liability
> issues), or by a form that sends e-mail, fax, or snail mail with the
> password to the owner contact. If we, the resellers, do have direct
> access, we should probably have a check box built into the system that
> allows users to disable that feature.
>
> 3. Not everyone is affiliated with an organization. This field should not
> be required.
>
> Security issues:
>
> 1. In register.cgi, if someone uses this from a remote computer (say at a
> school, or internet cafe), and doesn't close the browser, someone can come
> to the computer and hit the back key on the browser and register as many
> domains as they want without entering a password. There should be a
> password prompt every time you register....
>
> 2. It has been said that the current system doesn't allow resellers to
> change domain records once they are registered. This is not the case. On
> the admin website, you can go into View Completed Orders, and click on a
> domain, you will see the domain information. All you have to do is change
> the status from Completed to pending, press save changes, and you will be
> able to change any field you want.
>
> Issues that will need attention to gain the system credibility:
>
> 1. System to allow users to transfer their domains to us.
>
> 2. Policy for domain renewals. There needs to be a form on the site to
> allow users to pay for renewals. We should not have to manually re-enter
> credit card information.
>
> 3. What happens if OpenSRS gets cancelled? Where does that leave users?
> What happen if one of us goes out of business? Where does that leave
> users?
>
> Requests to make our lives easier:
>
> 1. When doing rite testing, it asks to make the password test-complete,
> however the password field is only 10 characters long, and it doesn't fit.
> Change the password to complete or something.
>
> 2. I believe authorize.net is probably the most widely used real-time
> merchant gateway among us. It would be nice to have some instructions on
> how to integrate the authorize.net gateway with OpenSRS. If it is
> expected that each one of us do it on our own, it surely wouldn't be to
> difficult for OpenSRS to offer some functionality.
>
> 3. register.cgi should have a checkbox for making the admin contact the
> same as the domain ownership information when you initially register a new
> person.
>
> 4. It would be nice if some optional fields that coulld be added to the
> software and viewed on the admin site. A field that asks where
> the user heard about the site would be very helpful.
>
> 5. I think it would be better to use an e-mail instead of a username to
> login. E-mail addresses are easier to remember than user names. (this
> would be easy to change on our own....)
>
> I am sorry for what seems like ranting, but I just want to try to make
> some of the issues clear to the OpenSRS team. I know the OpenSRS team is
> working hard, and for that I would like to extend my greatest thank you's,
> and especially to Tom for coming in and answering all our questions.
>
> - Marcus Oesterwinter
> Core Web Ventures, Inc.
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:35:16 EDT