To:
Eric Brunner-Williams in Portland Maine <brunner@nic-naa.net>
CC:
"'ietf-provreg@cafax.se'" <ietf-provreg@cafax.se>
From:
Daniel Manley <dmanley@tucows.com>
Date:
Fri, 23 Nov 2001 11:47:53 -0500
Sender:
owner-ietf-provreg@cafax.se
User-Agent:
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.5) Gecko/20011012
Subject:
Re: auth_info for transfer query command
well, maybe this doesn't really apply in EPP. I'm probably just stuck on RRP and the way it's so secretive (eg. restrictive "status" command). But since any client can "info" anybody's objects in EPP, this probably isn't an issue at all. but I would still like to validate the authInfo before issuing a transfer request. Dan Eric Brunner-Williams in Portland Maine wrote: >Dan, > >>What does everyone think -- especially registrars using EPP now? >> > >Hmm. Not a registrar using epp. In fact, not a registrar. ;-) > >>Also without the auth_info being required for transfer query, this >>allows registrars not involved in the transfer to "spy" on others' >>activities. Is this ok? >> > >How? Could you elaborate on "spy"? > >Cheers, >Eric >