nanog mailing list archives
Re: WARNING: AOL is hosed (again)
From: Sean Donelan <SEAN () SDG DRA COM>
Date: Fri, 16 Oct 1998 16:01:02 -0500
This is too trivial for words. We do SSL authenticated registrations for our normal order processing, using CC transactions. I have always wondered why NSI can't run both SSL and take immediate CC payments for domain-registrations. It's not like they don't have the cash to make this happen. It also wouldn't hurt to setup some ssh-forwarded ports and drop the whole mess behind a firewall either.
Run of the mill SSL does not protect against client forgery or impersonation. It protects against transmission wiretapping and some types of server impersonation. I can use a forged credit card number with SSL. Encryption is not a magic wand. On the other hand, security is a pain. I know I haven't taken advantage of all the security features NSI offers for all the objects I have registered over the years. The Guardian workflow process is still annoyingly convuleted enough, the default ends up being no protection if you miss or forget any of the steps. I guess it makes sense from NSI's point of view, cutting down on the number of 'lost' password or PGP key calls. Tell me again, what's your mother's maiden name? -- Sean Donelan, Data Research Associates, Inc, St. Louis, MO Affiliation given for identification not representation
Current thread:
- WARNING: AOL is hosed (again) Stephen Sprunk (Oct 16)
- Re: WARNING: AOL is hosed (again) Mark Borchers (Oct 16)
- Re: WARNING: AOL is hosed (again) Mike Leber (Oct 16)
- Re: WARNING: AOL is hosed (again) Gary E. Miller (Oct 19)
- Re: WARNING: AOL is hosed (again) Mark Borchers (Oct 19)
- <Possible follow-ups>
- Re: WARNING: AOL is hosed (again) Sean Donelan (Oct 16)
- Re: WARNING: AOL is hosed (again) Roeland M.J. Meyer (Oct 16)
- Message not available
- Re: WARNING: AOL is hosed (again) Jay R. Ashworth (Oct 20)
- Re: WARNING: AOL is hosed (again) Mark Borchers (Oct 16)
- Re: WARNING: AOL is hosed (again) Sean Donelan (Oct 16)
- Re: WARNING: AOL is hosed (again) Roeland M.J. Meyer (Oct 16)
- Re: WARNING: AOL is hosed (again) Manar Hussain (Oct 19)
- Re: WARNING: AOL is hosed (again) CyberTech/CTCS%CTCS (Oct 19)