RE: [DNS] passwords

RE: [DNS] passwords

From: Chris Disspain <ceo§>
Date: Fri, 11 Oct 2002 12:09:24 +1000

1. Yes, we would welcome input.
2. Your point about security of passwords is relevant but it is not
strictly correct to say that the vast majority of passwords were created
by AUNIC. In reality most of not all passwords were altered to some
degree when AusRegistry took over.
3. Your point about security would be more meaningful as a reason for
ALL passwords to be changed - something which auDA would co-ordinate if
deemed appropriate. It has less effect when what we are actually taking
about is only altering the passwords of those domain names managed by
resellers where those resellers move to another registrar. Despite the
security label, the practical effect of changing the password is to make
it more difficult for a transfer to take place.


Chris Disspain
CEO - auDA

-----Original Message-----
From: Bruce Tonkin [mailto:Bruce.Tonkin&#167;] 
Sent: Friday, 11 October 2002 11:09
To: 'dns&#167;'
Subject: [DNS] passwords

>Does a domain registrar have the right to change a registrants registry
>key without the registrant requesting they do so?

The vast majority of these passwords were created by AUNIC (ie we never
created by the registrant), and are now quite insecure by modern
of security.  At one stage as part of the transition it was planned to
change all registrant passwords.  We have detected attempts on our
to compromise the password.  A standard electronic security precaution
is to
update passwords when there is a major change.  Registrants are informed
the new passwords whenever a change occurs, and registrants have the
to change the password to a password of their choice.  Past experience
shown that registrants have not updated their passwords (it has always
possible to update the AUNIC passwords, but most are still set as per

auDA is currently reviewing its password policy for the passwords stored
and I am sure would welcome input from the members of this list.

Bruce Tonkin

List policy, unsubscribing and archives =>
Please do not retransmit articles on this list without permission of the

author, further information at the above URL.  (368 subscribers.)
Received on Fri Oct 03 2003 - 00:00:00 UTC

This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:06 UTC