This whole highjack the domain by an RSP is silly. If you give an RSP the
client interface to register and manage domains on his side that the domain
owners are using, there is nothing they can't do to mess you up with or
without the source code to the application. I can think of 5 different ways
to get all the information I need if the traffic flows through my network in
any form, and that is just off the top of my head.
The is strictly a policy and policy enforcement issue.
Tim Jung
System Admin
Internet Gateway Inc.
tjung@igateway.net
----- Original Message -----
From: "David Iyoha" <iyohada@email.uc.edu>
To: <discuss-list@opensrs.org>
Cc: "Brad Flight" <bmf@webservepro.com>
Sent: Tuesday, February 29, 2000 10:58 AM
Subject: Re: New Ideas for OpenSRS (or wish list) - Reseller Access
> Hello,
>
> That is great from the perspective of the reseller. Unfortunately (or not)
the
> end customer has to be protected from their domains being hijacked or
> mismanaged by a reseller. I believe the reseller has to be empowered to an
> extent to prevent unnecessary delays in the normal course of business BUT
the
> domain owner's protection must be the priority. I am sure a mid point
exists or
> can be figured out.
>
> David
>
> Brad Flight wrote:
>
> > On Tue, 29 Feb 2000, Richard B. Pyne wrote:
> >
> > > Well put. My original message about reseller access to customer
acounts
> > > was for this very reason, so I can provide SERVICE to my customers.
Under
> > > the "old" NSI system, when I handled a registration for a customer, I
> > > listed myself as the Technical Contact if I was providing DNS and
hosting
> > > services, and depending on the customer and the level of service being
> > > provided, as the Administrative Contact. As such, I had the ability to
> > > make ANY AND ALL changes needed to the registration record. This has
> > > allowed me several times to protect my customers from shooting
themselves
> > > in the foot.
> > >
> > > It seems that it would be quite trivial to allow RSPs unlimited
editing
> > > capability for THEIR OWN CUSTOMERS registration records. This way we
can
> > > be true SERVICE providers, not just some middle man broker who then
tells
> > > the end customer "sorry, I can't help you" when there is a problem.
> > >
> >
> > *exactly!*
> >
> > As Service providers we need to assume all our customers are complete
> > morons. otherwise, we'll fall flat on our faces when we run into one.
> >
> > If we cannot provide top notch service to out customers, then they will
> > stop paying the company. and if they stop paying the company we lose
> > jobs, and well that sucks. I'm not saying we need to hold thier hands or
> > anything, but i do think it's extreamly important that WHEN (not if)
they
> > lose thier passwords or want to change thier email address on there or
> > whatever, we can fix it without any major delays.
> >
> > with out the service there are no jobs, and with out the jobs we'd all
be
> > working in advertising ;)
> >
> > -brad
> >
> > --
> > _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
> > _/ Brad Flight _/
> > _/ bmf@webservepro.com _/
> > _/ [Unix/MacOS/Rip The System] _/
> > _/ "Where is my mind?" -Pixies _/
> > _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
>
> --
> Systematic Software
> david.iyoha@systware.com
> (513) 241 3331
> http://www.systware.com
>
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:35:24 EDT