ICANN/DNSO
DNSO Mailling lists archives

[ga-full]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [ga] RE: WLS Input


Ron and all assembly members,

Ron Wiener wrote:

> I'm sorry Jeff, I honestly don't see the conflict in these two very
> consistent statements.

  There is not real conflict in these two posts with the included
statements with respect to security and WLS or Snapback:
 http://www.dnso.org/clubpublic/ga/Arc09/msg00583.html
http://www.dnso.org/clubpublic/ga/Arc09/msg00574.html

But there IS a conflict with your two statements in this
post with the archived post just above:
http://www.dnso.org/clubpublic/ga/Arc09/msg00588.html






>
>
> I also don't see why any of this is relevant to the WLS Proposal - which,
> again, has absolutely nothing to do with security products.  If you want to
> start a new thread on security products, feel free.
>
> -RW
>
> > -----Original Message-----
> > From: Jeff Williams [mailto:jwkckid1@ix.netcom.com]
> > Sent: Wednesday, January 16, 2002 10:00 PM
> > To: Ron Wiener
> > Cc: 'k@widgital.com'; Cameron Powell; ga@dnso.org
> > Subject: Re: [ga] RE: WLS Input
> >
> >
> > Ron and all assembly members,
> >
> >   Interesting here Ron.  Your comments earlier see:
> > http://www.dnso.org/clubpublic/ga/Arc09/msg00583.html
> > In which I quote in part seem to be in direct conflict to
> > what you are saying below to wit you stated:
> > "Of course I'm in agreement that there is a significant security gap.
> > That's
> >  why we introduced SnapBack 13 months ago as a safety
> > countermeasure for  those who are concerned about such
> > security risks." And also in your post:
> > http://www.dnso.org/clubpublic/ga/Arc09/msg00574.html
> > You seem to be contradicting your comments below also in
> > which you stated to wit: "When we conduct CLE classes
> > (continuing legal  education courses, for credits) we always
> > educate attorneys that the best  strategy is to register for
> > long periods of time.  Besides being far more  economical,
> > it's far more sensible.  Some companies, however, have so
> > much  at stake in a single domain name that they want the
> > extra insurance of a  SnapBack.  One reason is that it
> > provides "early warning" of tampering with  the domain
> > record, e.g. when a webmaster changes the admin contact to
> > his  yahoo account before leaving the company."
> >
> > Ron Wiener wrote:
> >
> > > Jeff,
> > >
> > > To my knowledge neither SnapNames nor VeriSign has *ever*
> > touted WLS
> > > as a security product.  To the contrary.  Some of the proposal's
> > > opponents, in seeking to blemish the WLS concept, continue
> > to espouse
> > > the notion - rather ridiculously - that the existence of WLS would
> > > compel current registrants to take subscriptions out on their own
> > > names.  This preposterous allegation has been spread, like
> > folk lore,
> > > to the far corners of these boards, and now apparently
> > being deemed as
> > > fact by innocent bystanders.  If you scan every document or
> > e-mail put
> > > out by VGRS or SnapNames on the WLS you will not find, I
> > assure you,
> > > any hint of the idea that WLS should be viewed as a
> > security product.
> > >
> > > To be clear: SnapBack and WLS are two entirely different
> > product.  WLS
> > > is a subset of the SnapBack functionality and includes NO security
> > > monitoring.
> > >
> > > Thanks for the courtesy allowing me to clear the air on this.
> > >
> > > Cheers,
> > > Ron
> > >
> > >
> > > > -----Original Message-----
> > > > From: Jeff Williams [mailto:jwkckid1@ix.netcom.com]
> > > > Sent: Wednesday, January 16, 2002 8:15 PM
> > > > To: Ron Wiener
> > > > Cc: 'k@widgital.com'; Cameron Powell; ga@dnso.org
> > > > Subject: Re: [ga] RE: WLS Input
> > > >
> > > >
> > > > Ron and all assembly members,
> > > >
> > > > Ron Wiener wrote:
> > > >
> > > > > Jeff,
> > > > >
> > > > > Of course I'm in agreement that there is a significant
> > > > security gap.
> > > > > That's why we introduced SnapBack 13 months ago as a safety
> > > > > countermeasure for those who are concerned about such
> > > > security risks.
> > > > > While it's not my area of expertise (we have other people
> > > > here who are
> > > > > much more knowledgable than I on the RRP/EPP/SRS et al)
> > I'm pretty
> > > > > sure this issue is entirely outside of the scope of the WLS.
> > > >
> > > >   Security is one of my areas of expertise.  WLS however is being
> > > > touted as is your product, Snapback as in part, an attempt to
> > > > address the security related existing problems, as you
> > stated above
> > > > in your comments, to RRP/SRS.  Hence I am a bit confused
> > as to the
> > > > context and tone of this response in general, and in specific to
> > > > those known security problems/concerns.  Hence my statements to
> > > > address the central problem instead of address that
> > central problem
> > > > (Security) as it is directly also related to the Delete issue
> > > > through a more concerted effort to develop a solution that
> > > > encompasses these directly corresponding or related issues...
> > > >
>

Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup - (Over 121k members/stakeholdes strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Contact Number:  972-244-3801 or 214-244-4827
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208


--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html



<<< Chronological Index >>>    <<< Thread Index >>>