<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [ga] RE: WLS Input
Ron and all assembly members,
Ron Wiener wrote:
> Jeff,
>
> Of course I'm in agreement that there is a significant security gap. That's
> why we introduced SnapBack 13 months ago as a safety countermeasure for
> those who are concerned about such security risks. While it's not my area
> of expertise (we have other people here who are much more knowledgable than
> I on the RRP/EPP/SRS et al) I'm pretty sure this issue is entirely outside
> of the scope of the WLS.
Security is one of my areas of expertise. WLS however is being touted
as is your product, Snapback as in part, an attempt to address the
security related existing problems, as you stated above in your comments,
to RRP/SRS. Hence I am a bit confused as to the context and tone
of this response in general, and in specific to those known security
problems/concerns. Hence my statements to address the central
problem instead of address that central problem (Security) as it is
directly also related to the Delete issue through a more concerted
effort to develop a solution that encompasses these directly
corresponding or related issues...
>
>
> Thanks,
> Ron
>
> > -----Original Message-----
> > From: Jeff Williams [mailto:jwkckid1@ix.netcom.com]
> > Sent: Wednesday, January 16, 2002 6:45 PM
> > To: Ron Wiener
> > Cc: 'k@widgital.com'; Cameron Powell; ga@dnso.org
> > Subject: Re: [ga] RE: WLS Input
> >
> >
> > Ron and all assembly members,
> >
> > Ron, I think that one of the things or central area of
> > concern here that you are missing is that the problem is
> > really deeper than you seem to be articulating. The RRP, SRS
> > and Whois DB's are not secure or secure enough to thwart
> > simple circumvention in the case of the RRP. Hence, the
> > delete problem has legs for hackers (And not ever really
> > slick ones) to circumvent or otherwise compound the delete
> > issue, not to mention make record changes as to ownership of
> > Domain names in the RRP DB. Same is true for SRS, but to a
> > lesser degree, and Whois as well. GIve me a monkey and
> > enough bananas and I can do just about anything I want with
> > RRP data if a very short period of time. Hence a more
> > complete solution for the delete problem is needed.
> >
> > Ron Wiener wrote:
> >
> > > K, good question.
> > >
> > > There appears to be some confusion between SnapBack - which is a
> > > monitoring AND waiting list service, and the proposed WLS -
> > which has
> > > no monitoring component. We have many IP clients including
> > most major
> > > IP law firms, government agencies and many major corporations who
> > > employ SnapBack primarily for its monitoring capability and only
> > > secondarily as a double safety net in case their name accidentally
> > > deletes due to clerical error or registry/registrar error. When we
> > > conduct CLE classes (continuing legal education courses,
> > for credits)
> > > we always educate attorneys that the best strategy is to
> > register for
> > > long periods of time. Besides being far more economical, it's far
> > > more sensible. Some companies, however, have so much at stake in a
> > > single domain name that they want the extra insurance of a
> > SnapBack.
> > > One reason is that it provides "early warning" of tampering
> > with the
> > > domain record, e.g. when a webmaster changes the admin
> > contact to his
> > > yahoo account before leaving the company. Another reason
> > is that very
> > > often the billing and admin contacts will have left the
> > company in 5
> > > or 10 years when the registration renewal comes up again,
> > and they do
> > > not want to take the risk. The protection against an
> > illegal transfer
> > > (cyber-jacking) or employee sabotage is far more important than
> > > accidental cancellation protection, when common sense is practiced
> > > (i.e. important names are registered for 5 to 10 years).
> > >
> > > Frankly, K, protective use of SnapBack represents low
> > single digits of
> > > the sales of the product. We have some resellers, e.g. NameEngine,
> > > that provide domain name management services to very large
> > > corporations, and they have some protection products in which they
> > > bundle SnapBack. There have been some very high-profile names that
> > > we've recovered for corporate clients using SnapBack, like
> > > entertainmenttonight.com and americanexpress.net, as a couple of
> > > examples that come to mind.
> > >
> > > As for what we will do in the future to help trademark holders: We
> > > will continue to offer some form of free monitoring service
> > as we do
> > > today with our SnapShot product, but we plan on introducing
> > a low-cost
> > > security monitoring product separate from SnapBack which
> > will provide
> > > the same security features, plus some new enhancements over the
> > > current SnapBack product, but without the waiting list
> > function. This
> > > will be a product that all registrars will be able to offer
> > to their
> > > customers. It should be ready by Q2.
> > >
> > > Hope that's helpful. If you have any further questions
> > about how we
> > > can assist trademark holders please feel free to contact
> > our Customer
> > > Support department, and ask for one of the legal
> > professionals on the
> > > staff.
> > >
> > > Cheers,
> > > Ron
> > >
> > > > -----Original Message-----
> > > > From: k@widgital.com [mailto:k@widgital.com]
> > > > Sent: Wednesday, January 16, 2002 7:29 AM
> > > > To: Ron Wiener
> > > > Cc: cameronp@snapnames.com; ga@dnso.org
> > > > Subject: RE: WLS Input
> > > >
> > > >
> > > > ><snip> And many of these customers are trademark owners
> > > > >re-acquiring names in which they consider themselves to have
> > > > >intellectual property rights. See
> > > > >http://www.snapnames.com/corporate_clients.html.
> > > > >
> > > > >(All contents of SnapNames' website are protected from direct
> > > > >copying by applicable copyright laws.)
> > > > >
> > > - snip -
> > >
> > > >
> > > >
> > > > What will you do to support the Trademark owners who already have
> > > > the domains that match their trademarks and do not wish to
> > > > discontinue use of them at any time? None of your literature
> > > > permits these folks to opt-out of your automated re-registration
> > > > program.
> > > >
> > > > :)
> > > >
> > > > ~k
> > >
> >
> > Regards,
> > --
> > Jeffrey A. Williams
> > Spokesman for INEGroup - (Over 121k members/stakeholdes
> > strong!) CEO/DIR. Internet Network Eng/SR. Java/CORBA
> > Development Eng. Information Network Eng. Group. INEG. INC.
> > E-Mail jwkckid1@ix.netcom.com Contact Number: 972-244-3801
> > or 214-244-4827
> > Address: 5 East Kirkwood Blvd. Grapevine Texas 75208
> >
> >
Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup - (Over 121k members/stakeholdes strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Contact Number: 972-244-3801 or 214-244-4827
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208
--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|