Yesterday, I logged in to manage.cgi for the domain in question and noted that the name servers listed there had not been changed (yet the roots had begun advertising domaindirect's name servers earlier in the day). In an attempt to possibly override Domain Direct's unauthorized DNS change, I "saved" the name servers again hoping it would force a root update. This morning, the roots are again showing the correct name servers (not sure if it was my "save" or someone else's update that fixed it).
This problem still needs to be looked into seriously. Either there is a bug in the access control system or there is a backdoor that Domain Direct has either discovered or been told about that allows them to update any domain in the OpenSRS system. Timeline: May 28, 2000 - Domain was originally registered April 24, 2002 - Transferred from Domain Direct. During transfer, one year was added making the expiration date May 28, 2003 June 2, 2002 - Authoritive name servers changed to domaindirect and domain began resolving to a domain direct page stating that the domain #######.com had been suspended. This leads me to believe that Domain Direct thought they were still authoritive for the domain and they also believed that the expiration date was May 28, 2002. I don't have a problem with that as errors will happen. What I can't understand is how they were able to change the name servers of the domain. This is the point that concerns me.
