On Mon, Sep 28, 1998 at 07:18:25PM -0400, Steven J. Sobol wrote:
On Mon, Sep 28, 1998 at 05:15:30PM -0400, Jay R. Ashworth wrote:
On Sun, Sep 27, 1998 at 11:14:42PM -0400, Steven J. Sobol wrote:
I've found that on changes to domains for which I'm already a contact, setting my authentication to CRYPT-PW works well, causing changes to be completed within hours.
Note that CRYPT-PW apparently only refers to how the passwords are stored on the InterNIC's servers; they're sent in plaintext when you e-mail the form.
Well, you know... no. I've seen the mail generated when you fill in the webform, and choose CRYPT-PW. The CGI script encrypts the cleartext password, and that's what's in the field in the email when it's mailed to you for forwarding.
Jay, my friend, I hate to be argumentative, but...
Authorization 0a. (N)ew (M)odify (D)elete.........: M 0b. Auth Scheme.....................: CRYPT-PW 0c. Auth Info.......................: sj.3989.
That is indeed the password associated with my NIC handle. Or was, anyhow. I've since changed it.
That was in the e-mail sent to me, which was not PGP'd or encrypted in any way.
This is rather silly. YES, it IS encrypted when you originally set the password. It IS NOT encrypted in a domain registration form though. It should be.
Then what stops me from finding your original crypt() and sending that in. In the case of what you want, pgp is the correct solution.