Yup, Verisign does have a conflict of interest that does not exists with Afilias and Neulevel.
On Wed, 22 Jan 2003 16:38:35 -0500
"Charles Daminato" <[EMAIL PROTECTED]> wrote:
Well, at least the registrar has proof that someone with access to the
AuthCode was involved ;)
There are rumours that Verisign may be employing AuthCodes - I see this as a
good thing.
--
Charles Daminato Life is not holding a good hand;
OpenSRS Product Manager Life is playing a poor hand well.
Tucows Inc. - [EMAIL PROTECTED] - Danish proverb
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
Behalf Of [EMAIL PROTECTED]
Sent: January 22, 2003 4:32 PM
To: [EMAIL PROTECTED]
Subject: Re: Transfer Email
Dave,
Personally I think your issue may be even easier to
address and it currently exists: domain *AUTHORIZATION
CODES*.
.Info and .Biz use it and it works just fine. I know that
NSI is a fox guarding the hen house, but with auth codes
the losing registrar has *PROOF* the owner was involved in
the transfer process. That is not currently the case.
Of course NSI will have to be dragged kicking and
screaming before they will ever consider such a thing.
They prefer the deception of a "waiting period" .......
Charles
On Wed, 22 Jan 2003 13:49:39 -0700
"Dave Warren" <[EMAIL PROTECTED]> wrote:
>> > Yes spammers will in the end get email addresses. But
>>I firmly
>> > believe there is more than enough intelectual
>>horsepower among the
>> > internet community to come up with a way to make whois
>>mining
>> > intractable .....
>>
>> Maybe:
>> - for "anonymous" users, limit the number of WHOIS
>>requests to a very
>> small number / IP / day, and change e-mail addresses to
>>****@domain
>> - for "trusted" users (well, it is hard to define
>>this... maybe this
>> one is not needed at all), limit the number of WHOIS
>>requests from
>> the same user/day, and include e-mail addresses in the
>>response
>
>Make it a registry command, each registrar can query the
>registry for the
>administrative and technical contact information. The
>registry will then
>query the registrar of record, and if the registrar fails
>to provide a
>response they are billed $100 and the original registry
>is notified to try
>again ASAP.
>
>After that, if GoDaddy doesn't want to return email
>addresses, it's their
>own call. At $100 per bogus answer, I bet they'll decide
>they'd rather lose
>the domain then pay $100 every few seconds.
>
>What will be done with the money? I'm thinking third
>world countries, local
>charities, whatever. Nobody profits, this is just
>designed to be an
>asskicking for those that don't play by the rules.
>
>Exceptions will be made for scheduled system outages,
>within a reasonable
>SLA. Exceptions will also be made for honest accidental
>outages, but again,
>within a reasonable SLA. You can't be down 23 hours and
>59 minutes per day
>every day, or for any excessive period of time.
>
>Lastly, I'd like to see a cost imposed on the registrar
>if they choose to
>DAK a transfer unless they have disabled the domain IN
>ADVANCE. By disabled
>the domain, I'm talking a full lock, NS dropped from the
>roots and
>everything. This is intended to prevent a registrar like
>NetSol from
>denying transfers left right and center on their own. In
>order for this to
>work, there would have to be some way for the end user to
>DAK without the
>registrar incurring a fee, this would get a bit more
>complex in a thin
>registry, but could be workable.
>
>--
>I used to be indecisive, now I'm not so sure.
>
>
