Gtld transfer process
Thor Lancelot Simon
tls at NetBSD.org
Tue Jan 18 14:18:56 UTC 2005
On Tue, Jan 18, 2005 at 06:36:16PM +1100, Bruce Tonkin wrote:
> (5) The registry will send a message to the losing registrar confirming
> that a transfer has been initiated.

Can you confirm or deny whether this actually happened in the case of
the panix.com transfer?

The other problem I see in this area is that the RRP specification (if
that is in fact the protocol that was used) seems to claim that this
message is out-of-band and thus beyond the scope of the protocol: so it
does not (can not) specify an ACK. If an attacker found a way to prevent
this message from being received, even if generated...

A strictly enforced technical requirement for an ACK here might work
wonders (perhaps it would have to be enforced by duping both the
confirmation and the ACK to the "System", as RRP so quaintly calls it, and
denying future transfers initiated by parties with too many outstanding
ACKs). Not an approval, just an ACK.

There seems to be a general lack of IETF design and review of protocols
in this crucial area. Again not good.
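
A minimal model of the ACK-tracking rule proposed in the message above, as an added example that is not part of the original post and is not RRP itself. It assumes "parties with too many outstanding ACKs" means registrars that have not acknowledged confirmations sent to them; the class, method names, sample domains and the threshold of 2 are hypothetical.

```python
from dataclasses import dataclass, field

MAX_OUTSTANDING = 2  # assumed threshold; the post does not give a number


@dataclass
class Registry:
    """Toy registry ("System") that gets a copy of every confirmation and ACK."""
    sponsor: dict                                # domain -> current registrar
    pending: dict = field(default_factory=dict)  # notice id -> (domain, losing, gaining)
    next_id: int = 1

    def outstanding(self, registrar):
        """Count confirmations sent to `registrar` that it has not ACKed."""
        return sum(1 for _, losing, _ in self.pending.values() if losing == registrar)

    def request_transfer(self, domain, gaining):
        """Return a notice id, or None if the initiator owes too many ACKs."""
        if self.outstanding(gaining) > MAX_OUTSTANDING:
            return None
        notice_id = self.next_id
        self.next_id += 1
        self.pending[notice_id] = (domain, self.sponsor[domain], gaining)
        return notice_id

    def ack(self, notice_id, registrar):
        """Record receipt only; an ACK neither approves nor rejects the transfer."""
        entry = self.pending.get(notice_id)
        if entry is None or entry[1] != registrar:
            return False  # unknown notice, or ACK not from the losing registrar
        del self.pending[notice_id]
        return True

    def unacked(self):
        """Notices copied to the registry with no matching ACK: the registrar
        is unresponsive or the confirmation never reached it."""
        return sorted(self.pending)


def demo():
    # Constructed sample data: reg-B sponsors three domains, reg-A one.
    reg = Registry({"a.example": "reg-B", "b.example": "reg-B",
                    "c.example": "reg-B", "d.example": "reg-A"})
    ids = [reg.request_transfer(d, "reg-A") for d in ("a.example", "b.example", "c.example")]
    denied = reg.request_transfer("d.example", "reg-B")   # reg-B owes 3 ACKs
    wrong = reg.ack(ids[0], "reg-A")                      # only the losing side may ACK
    ok = reg.ack(ids[0], "reg-B")
    allowed = reg.request_transfer("d.example", "reg-B")  # now owes 2 ACKs
    return ids, denied, wrong, ok, allowed, reg.unacked()
```

The `unacked()` list is what makes a suppressed confirmation visible to the registry: a notice that was generated but never acknowledged stays on record.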