<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [ga] Domain Transfers
"Ross Wm. Rader" wrote:
>
> Thanks,
>
> -rwr
>
> Leah -
>
> > It would increase the price of having a
> > domain tremendously because the costs to maintain it would rise
> > dramatically. It will also place great liability on the registry for use
> of
> > the domains.
>
> As does your earlier proposal "I still believe that the only way to safely
> handle transfers is with proper identification via fax or some other mail
> delivery." There quite a few ways that transfers can be effected without
> having to resort to a paper. Object authentication and exchange is one...
A fairly obvious and strightforward one would be to require PGP-signing of
all transactions.
There are some relevant RFCs. One defines an open PGP format:
ftp://ftp.isi.edu/in-notes/rfc1991.txt
another shows how it can be used to authenticate RIPE database updates:
ftp://ftp.isi.edu/in-notes/rfc2726.txt
That RIPE database is for IP address allocation
http://www.ripe.net/ripencc/pub-services/db/
but the procedures should be very close to what we need.
Basically, all you need is to require that all registrars generate PGP
keys and the registries sign them. Then there are two ways an update
can be authenticated:
An update is always accepted if it is signed either by the appropriate
regitrar key. For many users, this is all you need.
A domain owner who wants better control generates a key whose user ID
is the admin contact for the domain and gets it signed by the registrar.
Once that is done, the admin contact can do authenticated updates.
--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|