I am using XML_Client.pm directly.
My understanding was (and correct me if i'm wrong, please!) that
to perform the MODIFY action, a cookie is needed.
And to SET a COOKIE a reg_username and reg_password was needed ?
-----Original Message-----
From: Chuck Hatcher [mailto:[EMAIL PROTECTED]]
Sent: 24 February 2001 16:47
To: Ian Kirk
Cc: [EMAIL PROTECTED]
Subject: Re: Dumb Question
The OpenSRS system doesn't enforce this, it's just the way the provided
client software works. The client scripts supplied by OpenSRS are generic,
and are designed to work in typical situation in which the end-user controls
the login information for their domain names.
If your model is different, such as if you want to hold the username and
password for all the domain names your customers register, then you will
need to modify the scripts to do authentication differently. Some RSP's
have done this, and their customers can only make modifications through
them.
In this case, you would probably want to be the administrative contact for
all the domains.
----- Original Message -----
From: "Ian Kirk" <[EMAIL PROTECTED]>
To: "OpenSRS Dev List" <[EMAIL PROTECTED]>
Sent: Saturday, February 24, 2001 11:21 AM
Subject: Dumb Question
> Hi,
>
> Perhaps its a dumb question, but why does the OpenSRS system enforce
> a requirement of a username and password for each domain?
> (Or one shared over a number of domains for the same end-user).
>
> Other DNS systems, such as Nominet[1], make it the responsibility
> of the member to handle authentication on who can and who can't modify
> a domain registered by the member.
> The end-user only gets invovled when the member is not doing anything or
> the legal owner is being changed etc.
>
> Its fair enough if you want to allow end-users to modify domains, but
> that might not be what a "complete solution" entails.
>
> One example is a hosting company that registers and pays for the
> domains on behalf of its end users (setting the owner to that end-user).
> Now say that the hosting company dosen't record the username/password
> that the end-user has registered with OpenSRS for a domain. Then assume
> the hosting company wishes to change all of the nameservers for all of
> its domains.
>
> Can it do this without knowing the username/password for the end-user ?
>
> If not, surely that may be an issue ?
>
> --
> Ian Kirk
> [EMAIL PROTECTED]
>
> [1] www.nic.uk
