pappas writes "There are no absolute defenses, of course, and all the fail-safe measures are ultimately imperfect. And it doesn't help that we're flooded with inaccurate information (e.g., the severely outdated Wired.com article that was published recently, which said that Verisign is still using the old MODIFY DOMAIN email templates and the PGP protections.)"
[BTW, when I was on the phone with one of the Verisign people about a month ago, he admitted that the old PGP system was MUCH more secure than the current system, but it was too difficult to maintain.]
The best defense is to be vigilant, to follow advice on some of the better sites like Carl Oppedahl's , and memorize your attorney's phone number.
If I had my druthers, ICANN (or a much more competent group) would get their act together and create a public registry (not Registry in the sense of Verisign, but like the USPTO's trademark registry) that documents the creations and dissolutions of records, keeps the records indefinitely, and publishes the applications for a set time so that interested parties may review them.
It wouldn't really cost that much more, and I'd be willing to pay a little bit more to ensure that some fraudulent bastard doesn't steal my domains or the domains of organizations and people I care about.
Meantime, I'm entertaining the idea of switching to a Registrar that will keep my domains secure. Please feel free to email if you know of a good one.
This discussion has been archived.
No new comments can be posted.