Re: [DNS] Hey Chezza and co - getcha .au expiry dates here!

Re: [DNS] Hey Chezza and co - getcha .au expiry dates here!

From: <magic2147§optushome.com.au>
Date: Wed, 14 Apr 2004 23:58:51 +1000
On 14 Apr 2004 at 18:22, Kim Davies wrote:

> My point is simply you provided instructions in a public forum on how to
> abuse a loophole. Whilst I am a fan of full disclosure, actual methods
> shouldn't be disclosed until the parties involved have been informed, and
> opportunities given to remedy it. Hence, the question I asked.
> 
> I think your point would have been just as resonant if you said "I found
> an obvious security hole in a registrar that allows you to access any
> domain's expiry date. I have told the registrar and auDA about it, and
> after X period of time they still do nothing, not even a reply that it is
> being investigated."
> 

Reality check Kim. It's like two years nearly for all that kind of thing to have been 
done by auDA. Have they been around all web sites of the  registrars they have 
"approved" ? No. Have they done their job properly? No. They deserve to be 
embarassed. And guess what? The hole still hasn't been fixed (and the similar 
breach at another registrar was fixed in less than 24 hours). And not a peep from 
either auDA or Namescout here. 

And you want to pussy foot around? Hey these are the guys who make registrants 
jump through hoops to get a domain and pay over the odds for them  and we still 
have registrars in flagrant breach. Gimme a break.

And what do we get for our $11 a throw that goes to auDA? Too many junkets to 
ICANN conventions in exotic locations for mine. And don't get me started on the up to 
$45 per domain that Ausregistry gets. 

cb
Received on Fri Oct 03 2003 - 00:00:00 UTC

This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:07 UTC