On Thu, Jan 13, 2000 at 02:35:02PM -0500, Shafik Yaghmour wrote: > You make a pretty huge assumption that the administrator of > that domain will miss the response from network solutions or will do > nothing about it, both of which are not very good assumptions. Although I > do agree it should be more secure, I don't think it is necessarily easy, > it is possible someone could be lucky and do it but they would be dumb to > place any bets on it. After one attempt you would hope if the admin was > not using CRYPT-PW they would start using it. No, we make the really tiny assumption that netsol are not lying when they say the following in their documentation: (this is in the section for people NOT using Guardian) If you submit a Service Agreement to modify the domain name registration from administrativecontactat_private, or if the technical contact sends one from technicalcontactat_private, the request will be processed and neither one of you will be notified at any time during the transaction. Wake up! There is NO security for people who opt not to use Guardian, even a small child can post fake-mail so the From: check is worth absolutely nothing. Nick.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:28:24 PDT