> >> Details will be coming, however, we decided that the lock will be easy to > >> add and remove for simplicity. The reseller will have the ability to > >> lock/unlock, and if you run your own manage there will be a flag to enable > >> the lock/unlock in the manage.cgi interface (this will not be offered in > >> the public manage interface at https://manage.opensrs.net) > > > What stops the RSP from using the registrar lock maliciously, as a tool to > > annoy the customer? > > > As an example, as an RSP, I could registrar lock all the domains registered > > through myself, and charge a regular service fee to have the lock removed. > > There is nothing to prevent you from trapping usernames/passwords and > modifying anything in the domain as it is.
It takes time and energy for an RSP to do so, and even so, the RSP would not be allowed to change contact information... Additionally, RSPs are required to provide management access to their customers, are they not? Even so, a customer could still transfer to another RSP if needed. -- The nice thing about standards, there is enough for everyone to have their own.
