To:
<budi@alliance.globalnetlink.com>, <ietf-provreg@cafax.se>
From:
"Peter Mott" <peter@2day.com>
Date:
Thu, 11 Jan 2001 12:10:43 +1300
Importance:
Normal
In-Reply-To:
<200101102251.QAA23055@alliance.globalnetlink.com>
Sender:
owner-ietf-provreg@cafax.se
Subject:
RE: Security vs. Authorization
> As I (and others) mentioned earlier, > if the authority (in a form of certificate, token, whatever > authentication technology implemented) is in the registrant hand, > this would not be a problem. Having worked with customers using our automated services since 1996, I can assure you that no matter how much care you take to ensure the registrant has a key or similar, they WILL loose it or not have it when they need it. You can usually also be sure that the entity requesting changes will not be the registrant (who is not even slightly interested in this stuff) but their agent. Thats the real world. > The registrant can remove/revoke the authority given to the > registrar and delegate the authority to another registrar or > even to the registry to make changes. This is going to be a fun debate when we get to it :-) Regards Peter Mott Chief Enthusiast 2day.com -/-