A difference in RSP scripts vs Domain Direct scripts was previously raised
and addressed.
I stumbled across another which may or may not be regarded as a security
issue, but I know I am not too comfortable with it.
In essence a user with a domain registered with Tucows through an RSP, can
use another RSP's site to log into the system and maintain their domain.
So although someone is not your customer, they can still log into your site
hmmmm.....
By contrast a user, cannot log into Domain Direct. However, I am not sure if
the reverse is possible, i.e. if a user who registered with Domain Direct
can log into an RSP's site.
Of course I did not try any hanky-panky and not sure if it is even possible,
but then there are those (and I don't mean RSP's) who might get up to some
mischief.
ais
