On 6/20/13, Hal Murray <hmurray@megapathdsl.net> wrote:
Perhaps we should setup a distributed system for checking things rather than another SPOF. That's distributed both geographically and administratively and using several code-bases. [snip]
I would be in favor of being able to pay two "competitive" to be registrars for a domain, and assign them two roles: "Registrar Primary" and "Registrar Auditor" With the requirement that all changes to the domain be initiated with my "Primary Registrar", AND no major change would be allowed to take effect until validated by my secondary "change Auditor Registrar" Including changes to NS records, DS records, contacts, unlocking, renewal, deactivation, or transfers. Essentially, forcing me to submit the same change to both registrars, but denying either registrar the capability of forging authorization or submitting changes that I had not authorized. Also (in some measure) protecting me from identity theft, and other security issues -- since there are now two accounts with two providers, possibly with different authentication procedures. -- -JH