<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [ga] RE: WLS Input
Ron and all assembly members,
Interesting here Ron. Your comments earlier see:
http://www.dnso.org/clubpublic/ga/Arc09/msg00583.html
In which I quote in part seem to be in direct conflict to
what you are saying below to wit you stated:
"Of course I'm in agreement that there is a significant security gap.
That's
why we introduced SnapBack 13 months ago as a safety countermeasure for
those who are concerned about such security risks."
And also in your post:
http://www.dnso.org/clubpublic/ga/Arc09/msg00574.html
You seem to be contradicting your comments below also in which you
stated to wit:
"When we conduct CLE classes (continuing legal
education courses, for credits) we always educate attorneys that the
best
strategy is to register for long periods of time. Besides being far
more
economical, it's far more sensible. Some companies, however, have so
much
at stake in a single domain name that they want the extra insurance of
a
SnapBack. One reason is that it provides "early warning" of tampering
with
the domain record, e.g. when a webmaster changes the admin contact to
his
yahoo account before leaving the company."
Ron Wiener wrote:
> Jeff,
>
> To my knowledge neither SnapNames nor VeriSign has *ever* touted WLS as a
> security product. To the contrary. Some of the proposal's opponents, in
> seeking to blemish the WLS concept, continue to espouse the notion - rather
> ridiculously - that the existence of WLS would compel current registrants to
> take subscriptions out on their own names. This preposterous allegation has
> been spread, like folk lore, to the far corners of these boards, and now
> apparently being deemed as fact by innocent bystanders. If you scan every
> document or e-mail put out by VGRS or SnapNames on the WLS you will not
> find, I assure you, any hint of the idea that WLS should be viewed as a
> security product.
>
> To be clear: SnapBack and WLS are two entirely different product. WLS is a
> subset of the SnapBack functionality and includes NO security monitoring.
>
> Thanks for the courtesy allowing me to clear the air on this.
>
> Cheers,
> Ron
>
>
> > -----Original Message-----
> > From: Jeff Williams [mailto:jwkckid1@ix.netcom.com]
> > Sent: Wednesday, January 16, 2002 8:15 PM
> > To: Ron Wiener
> > Cc: 'k@widgital.com'; Cameron Powell; ga@dnso.org
> > Subject: Re: [ga] RE: WLS Input
> >
> >
> > Ron and all assembly members,
> >
> > Ron Wiener wrote:
> >
> > > Jeff,
> > >
> > > Of course I'm in agreement that there is a significant
> > security gap.
> > > That's why we introduced SnapBack 13 months ago as a safety
> > > countermeasure for those who are concerned about such
> > security risks.
> > > While it's not my area of expertise (we have other people
> > here who are
> > > much more knowledgable than I on the RRP/EPP/SRS et al) I'm pretty
> > > sure this issue is entirely outside of the scope of the WLS.
> >
> > Security is one of my areas of expertise. WLS however is
> > being touted as is your product, Snapback as in part, an
> > attempt to address the security related existing problems, as
> > you stated above in your comments, to RRP/SRS. Hence I am a
> > bit confused as to the context and tone of this response in
> > general, and in specific to those known security
> > problems/concerns. Hence my statements to address the
> > central problem instead of address that central problem
> > (Security) as it is directly also related to the Delete issue
> > through a more concerted effort to develop a solution that
> > encompasses these directly corresponding or related issues...
> >
> > >
> > >
> > > Thanks,
> > > Ron
> > >
> > > > -----Original Message-----
> > > > From: Jeff Williams [mailto:jwkckid1@ix.netcom.com]
> > > > Sent: Wednesday, January 16, 2002 6:45 PM
> > > > To: Ron Wiener
> > > > Cc: 'k@widgital.com'; Cameron Powell; ga@dnso.org
> > > > Subject: Re: [ga] RE: WLS Input
> > > >
> > > >
> > > > Ron and all assembly members,
> > > >
> > > > Ron, I think that one of the things or central area of concern
> > > > here that you are missing is that the problem is really
> > deeper than
> > > > you seem to be articulating. The RRP, SRS and Whois DB's are not
> > > > secure or secure enough to thwart simple circumvention in
> > the case
> > > > of the RRP. Hence, the delete problem has legs for
> > hackers (And not
> > > > ever really slick ones) to circumvent or otherwise compound the
> > > > delete issue, not to mention make record changes as to
> > ownership of
> > > > Domain names in the RRP DB. Same is true for SRS, but to a
> > > > lesser degree, and Whois as well. GIve me a monkey and
> > > > enough bananas and I can do just about anything I want with
> > > > RRP data if a very short period of time. Hence a more
> > > > complete solution for the delete problem is needed.
> > > >
> > > > Ron Wiener wrote:
> > > >
> > > > > K, good question.
> > > > >
> > > > > There appears to be some confusion between SnapBack -
> > which is a
> > > > > monitoring AND waiting list service, and the proposed WLS -
> > > > which has
> > > > > no monitoring component. We have many IP clients including
> > > > most major
> > > > > IP law firms, government agencies and many major
> > corporations who
> > > > > employ SnapBack primarily for its monitoring capability
> > and only
> > > > > secondarily as a double safety net in case their name
> > accidentally
> > > > > deletes due to clerical error or registry/registrar
> > error. When
> > > > > we conduct CLE classes (continuing legal education courses,
> > > > for credits)
> > > > > we always educate attorneys that the best strategy is to
> > > > register for
> > > > > long periods of time. Besides being far more
> > economical, it's far
> > > > > more sensible. Some companies, however, have so much
> > at stake in
> > > > > a single domain name that they want the extra insurance of a
> > > > SnapBack.
> > > > > One reason is that it provides "early warning" of tampering
> > > > with the
> > > > > domain record, e.g. when a webmaster changes the admin
> > > > contact to his
> > > > > yahoo account before leaving the company. Another reason
> > > > is that very
> > > > > often the billing and admin contacts will have left the
> > > > company in 5
> > > > > or 10 years when the registration renewal comes up again,
> > > > and they do
> > > > > not want to take the risk. The protection against an
> > > > illegal transfer
> > > > > (cyber-jacking) or employee sabotage is far more important than
> > > > > accidental cancellation protection, when common sense
> > is practiced
> > > > > (i.e. important names are registered for 5 to 10 years).
> > > > >
> > > > > Frankly, K, protective use of SnapBack represents low
> > > > single digits of
> > > > > the sales of the product. We have some resellers, e.g.
> > > > > NameEngine, that provide domain name management
> > services to very
> > > > > large corporations, and they have some protection products in
> > > > > which they bundle SnapBack. There have been some very
> > > > > high-profile names that we've recovered for corporate clients
> > > > > using SnapBack, like entertainmenttonight.com and
> > > > > americanexpress.net, as a couple of examples that come to mind.
> > > > >
> > > > > As for what we will do in the future to help trademark
> > holders: We
> > > > > will continue to offer some form of free monitoring service
> > > > as we do
> > > > > today with our SnapShot product, but we plan on introducing
> > > > a low-cost
> > > > > security monitoring product separate from SnapBack which
> > > > will provide
> > > > > the same security features, plus some new enhancements over the
> > > > > current SnapBack product, but without the waiting list
> > > > function. This
> > > > > will be a product that all registrars will be able to offer
> > > > to their
> > > > > customers. It should be ready by Q2.
> > > > >
> > > > > Hope that's helpful. If you have any further questions
> > > > about how we
> > > > > can assist trademark holders please feel free to contact
> > > > our Customer
> > > > > Support department, and ask for one of the legal
> > > > professionals on the
> > > > > staff.
> > > > >
> > > > > Cheers,
> > > > > Ron
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: k@widgital.com [mailto:k@widgital.com]
> > > > > > Sent: Wednesday, January 16, 2002 7:29 AM
> > > > > > To: Ron Wiener
> > > > > > Cc: cameronp@snapnames.com; ga@dnso.org
> > > > > > Subject: RE: WLS Input
> > > > > >
> > > > > >
> > > > > > ><snip> And many of these customers are trademark owners
> > > > > > >re-acquiring names in which they consider themselves to have
> > > > > > >intellectual property rights. See
> > > > > > >http://www.snapnames.com/corporate_clients.html.
> > > > > > >
> > > > > > >(All contents of SnapNames' website are protected
> > from direct
> > > > > > >copying by applicable copyright laws.)
> > > > > > >
> > > > > - snip -
> > > > >
> > > > > >
> > > > > >
> > > > > > What will you do to support the Trademark owners who already
> > > > > > have the domains that match their trademarks and do
> > not wish to
> > > > > > discontinue use of them at any time? None of your literature
> > > > > > permits these folks to opt-out of your automated
> > re-registration
> > > > > > program.
> > > > > >
> > > > > > :)
> > > > > >
> > > > > > ~k
> > > > >
> > > >
> > > > Regards,
> > > > --
> > > > Jeffrey A. Williams
> > > > Spokesman for INEGroup - (Over 121k members/stakeholdes
> > > > strong!) CEO/DIR. Internet Network Eng/SR. Java/CORBA Development
> > > > Eng. Information Network Eng. Group. INEG. INC. E-Mail
> > > > jwkckid1@ix.netcom.com Contact Number: 972-244-3801 or
> > 214-244-4827
> > > > Address: 5 East Kirkwood Blvd. Grapevine Texas 75208
> > > >
> > > >
> >
> > Regards,
> > --
> > Jeffrey A. Williams
> > Spokesman for INEGroup - (Over 121k members/stakeholdes
> > strong!) CEO/DIR. Internet Network Eng/SR. Java/CORBA
> > Development Eng. Information Network Eng. Group. INEG. INC.
> > E-Mail jwkckid1@ix.netcom.com Contact Number: 972-244-3801
> > or 214-244-4827
> > Address: 5 East Kirkwood Blvd. Grapevine Texas 75208
> >
> >
Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup - (Over 121k members/stakeholdes strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Contact Number: 972-244-3801 or 214-244-4827
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208
--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|