ICANN/GNSO GNSO Email List Archives

[registrars]


<<< Chronological Index >>>    <<< Thread Index >>>

RE: [registrars] Registrar Restore command reports issue

  • To: "Bhavin Turakhia" <bhavin.t@xxxxxxxxxxx>, <registrars@xxxxxxxxxxxxxx>
  • Subject: RE: [registrars] Registrar Restore command reports issue
  • From: "Mitchell, Champ" <Cmitchell@xxxxxxxxxxxxxxxxxxxx>
  • Date: Tue, 13 Dec 2005 08:14:16 -0500
  • Sender: owner-registrars@xxxxxxxxxxxxxx
  • Thread-index: AcX/vdi4O8jYKmqfQUOsrfN3+nQkHAABU9BQAAiYw14=
  • Thread-topic: [registrars] Registrar Restore command reports issue

What a great question. If anyone does have such a workaround I would like to know it too. As a congenital worrier, when I can't find anything else, I can dream nightmare scenarios of the misuse of the password and the RAT. I have asked on several occasions that the VeriSign Registry create a more limited tool than the RAT, actually a series of special use tools. That has not happened.
 
We try to protect from abuse by limiting access to 3 very senior people (which is highly inefficient and a poor use of their time), very frequent changes (also highly inefficient) and monitoring use daily by 2 people not in the chain of command of the 3 who have access. Obviously that system has real holes in it, but it is the best we have come up with and is cumbersome, leads to misuse of senior assets and is generally inconvenient for all concerned at the best of times and sometimes creates its own set of problems. 
 
By the way, I am not one of the 3 senior people I trust with access. I hope smarter people than me have derived a better system and will share it. Best to all, Champ

________________________________

From: owner-registrars@xxxxxxxxxxxxxx on behalf of Bhavin Turakhia
Sent: Tue 12/13/2005 3:59 AM
To: registrars@xxxxxxxxxxxxxx
Subject: [registrars] Registrar Restore command reports issue



Hi all

I am wondering if anyone else faces this issue - especially the bigger
registrars

Right now for running a restore command a manual report needs to be
submitted using the registrar admin tool. For a registrar like ourselves, or
say one of the larger ones, there may be several restores being processed
each week. This requires us to provide the passwd to the Registrar admin
tool, to someone from our support staff who handle this task of feeding in
restore reports. That seems like a risky proposition to me since the RAT
allows complete control over all domain names and I would not ideally wish
to give its passwd to anyone in the organization.

Is there a workaround that I am not aware of?

Best Regards
Bhavin Turakhia
Founder, Chairman & CEO
Directi
-------------------------
http://www.directi.com
http://www.logicboxes.com
Tel: +91-22-56797600
Fax: +91-22-56797510
Board (US): +1 (415) 240 4171 ext 7600
Fax (US): +1 (320) 210 5146
-------------------------





<<< Chronological Index >>>    <<< Thread Index >>>