The way I have implemented this is easy, send a secure request to
https://rr-n1-tor.opensrs.net/~vpop/resellers/index.cgi
read the cookie, and then another request to
https://rr-n1-tor.opensrs.net/~vpop/resellers/index.cgi?action=send_password
&domain=domainname.com
with the saved cookie in the header,
it is very secure, and I have used SSLeay to do the requests.
But what you have mentioned about compromising the email address, can be
solved by saving locally a challange question and answer,
is this a good idea??
Regards
Issam
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Charles
Daminato
Sent: Saturday, July 22, 2000 11:33 PM
To: Issam W. Alameh
Cc: [EMAIL PROTECTED]
Subject: RE: automate sending username and password
Legal implications are only in place depending on how you implement the
feature and security you place around it.
Security holes only really come into place if the Admin Contact's email
address has been comprimised.
Charles Daminato
OpenSRS Support Manager
[EMAIL PROTECTED]
On Sat, 22 Jul 2000, Issam W. Alameh wrote:
> Sorry for raising this up, I need some comments.
>
> Regards
> Issam
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Issam W. Alameh
> Sent: Friday, July 21, 2000 11:27 PM
> To: [EMAIL PROTECTED]
> Subject: automate sending username and password
>
>
> hello,
> can any body tell me if there is any legal implication/ security hole if I
> integrate into my site, a script to automate sending username and password
> to Admin contact in registered domains?
>
> Issam
>
