ICANN/GNSO GNSO Email List Archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

[ga] Two-factor authentication for domains

  • To: ga@xxxxxxxxxxxxxx
  • Subject: [ga] Two-factor authentication for domains
  • From: George Kirikos <gkirikos@xxxxxxxxx>
  • Date: Tue, 18 Oct 2005 09:38:24 -0700 (PDT)
  • Cc: domains-gen@xxxxxxxxxxxxxxxxxx
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding; b=VM4C1m6GsVyZkYVjBGf/evlCqCl3i6Hhr/PNsnRymJmBCqSMFEqSyezbUkNg3a57YGjvcrIMzJa8IjGIB1U6frvN9KtQhdy3BeRcqPXue7Ev68ggtDIZewSfdhtengWkku/CxFGVmgjQU9sHoIP66krRvylPU2CzRpM0hYjzXG4= ;
  • Sender: owner-ga@xxxxxxxxxxxxxx

Hello,

Two-factor authentication is coming to online banking according to:

http://www.siliconvalley.com/mld/siliconvalley/business/technology/12925643.htm

As the value of domain names can be much higher than one's cash in the
bank, registrars and/or registries might want to start thinking about
forms of 2-factor authentication too for registrants (as I've been
advocating for years, e.g.
http://ispcentral.tucows.com/archives/discuss-list/0201/1006.html ).

VeriSign actually has a solution these days, although not targeted
towards domain clients:

http://www.verisign.com/products-services/security-services/unified-authentication/index.html

RSA has had a product for a long time:

http://www.rsasecurity.com/node.asp?id=1157

It's my hope that these types of security standards become a "best
practice" for companies in the domain name space. Hopefully the
adoption in the banking industry will spur some registrars to examine
the opportunities. Perhaps ICANN might want to consider inviting some
speakers on this topic at a future event.

Sincerely,

George Kirikos
http://www.kirikos.com/



<<< Chronological Index >>>    <<< Thread Index >>>