Hello,
--- Dave Wood <opensrs@activeeffects.com> wrote:
> But OpenSRS should at least attempt to
> verify that the RSP is being unresponsive first. This applys to all
> changes or actions.
I'd tend to agree. Allowing the change to be made by fax without the
RSP being consulted opens up the door to "human engineering" from a
security aspect, in hijacking a domain or its passwords. E.g.
Oracle.com, GM.com, and BMO.com are large corporations that have their
names at OpenSRS. It would be trivial for a disgruntled employee to
send a fax on company overhead.
Having "Domain Lock" thankfully would prevent any harmful changes -- I
guess it's time to go through all the rest of my names now (I have to
do them manually one at a time, as I use only the RWI at present).
Sincerely,
George Kirikos
http://www.kirikos.com/
__________________________________________________
Do You Yahoo!?
Yahoo! Greetings - send holiday greetings for Easter, Passover
http://greetings.yahoo.com/
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:37:08 EDT