WARNING: AOL is hosed (again)
Roeland M.J. Meyer
rmeyer at mhsc.com
Fri Oct 16 21:11:19 UTC 1998
At 04:01 PM 10/16/98 -0500, Sean Donelan wrote:
>>This is too trivial for words. We do SSL authenticated registrations for
>>our normal order processing, using CC transactions. I have always wondered
>>why NSI can't run both SSL and take immediate CC payments for
>>domain-registrations. It's not like they don't have the cash to make this
>>happen. It also wouldn't hurt to setup some ssh-forwarded ports and drop
>>the whole mess behind a firewall either.
>
>Run of the mill SSL does not protect against client forgery or impersonation.
>It protects against transmission wiretapping and some types of server
>impersonation. I can use a forged credit card number with SSL.
With Certs it sure does. So does SSH.
>Encryption is not a magic wand.
Like with any wand, one must know how to use it.
>On the other hand, security is a pain. I know I haven't taken advantage
>of all the security features NSI offers for all the objects I have registered
>over the years. The Guardian workflow process is still annoyingly
>convuleted enough, the default ends up being no protection if you miss or
>forget any of the steps. I guess it makes sense from NSI's point of view,
>cutting down on the number of 'lost' password or PGP key calls.
One can set up secure automated processes for all of this, that's what MHSC
actually does. Security *doesn't* have to be a PITA. It only becomes such
when the designer is either incompetent or lazy.
>Tell me again, what's your mother's maiden name?
>--
>Sean Donelan, Data Research Associates, Inc, St. Louis, MO
> Affiliation given for identification not representation
>
___________________________________________________
Roeland M.J. Meyer, ISOC (InterNIC RM993)
e-mail: <mailto:rmeyer at mhsc.com>rmeyer at mhsc.com
Internet phone: hawk.mhsc.com
Personal web pages: <http://www.mhsc.com/~rmeyer>www.mhsc.com/~rmeyer
Company web-site: <http://www.mhsc.com/>www.mhsc.com/
___________________________________________
I bet the human brain is a kludge.
-- Marvin Minsky
More information about the NANOG
mailing list