North American Network Operators Group


Re: WARNING: AOL is hosed (again)

  • From: Sean Donelan
  • Date: Fri Oct 16 17:30:50 1998

>This is too trivial for words. We do SSL authenticated registrations for
>our normal order processing, using CC transactions. I have always wondered
>why NSI can't run both SSL and take immediate CC payments for
>domain-registrations. It's not like they don't have the cash to make this
>happen. It also wouldn't hurt to set up some ssh-forwarded ports and drop
>the whole mess behind a firewall either.

Run of the mill SSL does not protect against client forgery or impersonation.
It protects against transmission wiretapping and some types of server
impersonation.  I can use a forged credit card number with SSL.

Encryption is not a magic wand.

On the other hand, security is a pain.  I know I haven't taken advantage
of all the security features NSI offers for all the objects I have registered
over the years.  The Guardian workflow process is still annoyingly
convoluted enough, the default ends up being no protection if you miss or
forget any of the steps.  I guess it makes sense from NSI's point of view,
cutting down on the number of 'lost' password or PGP key calls.

Tell me again, what's your mother's maiden name?
-- 
Sean Donelan, Data Research Associates, Inc, St. Louis, MO
  Affiliation given for identification not representation