Hello, --- Dave Wood <[EMAIL PROTECTED]> wrote: > But OpenSRS should at least attempt to > verify that the RSP is being unresponsive first. This applys to all > changes or actions.
I'd tend to agree. Allowing the change to be made by fax without the RSP being consulted opens up the door to "human engineering" from a security aspect, in hijacking a domain or its passwords. E.g. Oracle.com, GM.com, and BMO.com are large corporations that have their names at OpenSRS. It would be trivial for a disgruntled employee to send a fax on company overhead. Having "Domain Lock" thankfully would prevent any harmful changes -- I guess it's time to go through all the rest of my names now (I have to do them manually one at a time, as I use only the RWI at present). Sincerely, George Kirikos http://www.kirikos.com/ __________________________________________________ Do You Yahoo!? Yahoo! Greetings - send holiday greetings for Easter, Passover http://greetings.yahoo.com/
