GNSO Email Archives: [registrars]

ICANN/GNSO GNSO Email List Archives

[registrars]

<<< Chronological Index >>> <<< Thread Index >>>

Re: [registrars] Registrar Restore command reports issue

To: "Mitchell, Champ" <Cmitchell@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [registrars] Registrar Restore command reports issue
From: Larry Erlich <erlich@xxxxxxxxxxxxxxxxxx>
Date: Tue, 13 Dec 2005 11:07:01 -0500
Cc: Bhavin Turakhia <bhavin.t@xxxxxxxxxxx>, registrars@xxxxxxxxxxxxxx
In-reply-to: <9E93DEC285888046B8949287D8B8376401FC081F@VAMAIL3.CORPIT.NSI.NET>
References: <9E93DEC285888046B8949287D8B8376401FC081F@VAMAIL3.CORPIT.NSI.NET>
Sender: owner-registrars@xxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0 (Macintosh/20041206)

We have the same issue. But
I was thinking it *might be possible* to write a Perl
client using something like LWP and setup some pages that
only accessed the specific VRSN pages that were needed
for the initial restore and the "submit restore report".

This explains the concept:
http://cpan.uwinnipeg.ca/htdocs/libwww-perl/lwptut.pm.html

Larry Erlich

http://www.DomainRegistry.com

Mitchell, Champ wrote:

What a great question. If anyone does have such a workaround I wouldlike to know it too. As a congenital worrier, when I can't find anythingelse, I can dream nightmare scenarios of the misuse of the password andthe RAT. I have asked on several occasions that the VeriSign Registrycreate a more limited tool than the RAT, actually a series of specialuse tools. That has not happened.We try to protect from abuse by limiting access to 3 very senior people(which is highly inefficient and a poor use of their time), veryfrequent changes (also highly inefficient) and monitoring use daily by 2people not in the chain of command of the 3 who have access. Obviouslythat system has real holes in it, but it is the best we have come upwith and is cumbersome, leads to misuse of senior assets and isgenerally inconvenient for all concerned at the best of times andsometimes creates its own set of problems.By the way, I am not one of the 3 senior people I trust with access. Ihope smarter people than me have derived a better system and will shareit. Best to all, Champ
------------------------------------------------------------------------
*From:* owner-registrars@xxxxxxxxxxxxxx on behalf of Bhavin Turakhia
*Sent:* Tue 12/13/2005 3:59 AM
*To:* registrars@xxxxxxxxxxxxxx
*Subject:* [registrars] Registrar Restore command reports issue

Hi all

I am wondering if anyone else faces this issue - especially the bigger
registrars

Right now for running a restore command a manual report needs to be
submitted using the registrar admin tool. For a registrar like ourselves, or
say one of the larger ones, there may be several restores being processed
each week. This requires us to provide the passwd to the Registrar admin
tool, to someone from our support staff who handle this task of feeding in
restore reports. That seems like a risky proposition to me since the RAT
allows complete control over all domain names and I would not ideally wish
to give its passwd to anyone in the organization.

Is there a workaround that I am not aware of?

Best Regards
Bhavin Turakhia
Founder, Chairman & CEO
Directi
-------------------------
http://www.directi.com
http://www.logicboxes.com
Tel: +91-22-56797600
Fax: +91-22-56797510
Board (US): +1 (415) 240 4171 ext 7600
Fax (US): +1 (320) 210 5146
-------------------------

Follow-Ups:
- Re: [registrars] Registrar Restore command reports issue
  - From: Paul Lecoultre(CORE secretariat)

References:
- RE: [registrars] Registrar Restore command reports issue
  - From: Mitchell, Champ

<<< Chronological Index >>> <<< Thread Index >>>