On Sun, 16 Jan 2005, Christopher L. Morrow wrote:
assume Mr. Rosen and MIT do... If the proper process was started then things look good, though unfortunately it may take some time to resolve the problem. That process/procedure is in place for a good reason, circumventing it will lead to problems in the long run. Do you circumvent for MS, for AOL, for ATT? At what point do you draw the line? My home business of pot painting?
That's the asymmetric problem with identity theft. Companies seem to make it easier to steal the identity (24x7 transfers with 10 minute zone file updates) than to correct the theft (only open Monday-Friday, find the right department, fill out multiple forms, wait 2 weeks, etc). I agree rules and processes are important. Instead of calling it circumvention, I would call it a robust exception handling process. Both the intial process of protecting your identity, as well as the exception handling process in the event it is compromised, should be available for both my home domain as well as well-known companies like MS, AOL and AT&T. It should be as hard to steal my domain as it is to steal AOL.COM. Unfortunately, there is very little I can do to prevent a Registry/Registrar from giving my identity away without my permission.