slightly OT : versign complaint department
i've been trying to add a pgp key to the verisign/netsol database for the past two weeks. i've sent four messages, opened three web help requests, and spent three hours on the phone with their helpdesk. they know less than their customers about their own procedures and web documentation for adding keys for PGP guardian auth.
i guess this is the problem with government sanctioned monopolies.
Heh, heh, you can always complain to ICANN, another govt sanctioned monopoly. The REGISTRY is a monopoly. You have your choice of REGISTRARS. Melbourne IT is the registrar for my two (wow, whoopie!, two) domains. I can access inww.com site thru my browser, using a supposedly "secure" connection. The certificate presented by Melbourne IT is signed by Verisign! :-) It takes me 2 minutes to make a change, not two weeks. Let's not debate the limitations of this alternate security proceedure or this will be more than "slightly" off topic.
i'd like to do something about it.
Vote with your dollars and with your feet. Change registrars. I apologize if you *ARE* are a registrar trying to deal with the registry. In that case, bend over and grab your ankles. Because you're getting screwed and there's nothing you can do about it.
does anybody know if there is a formal board or governing group that i can send my grievances to?
For $35 Melbourne IT will solve your problem. :-) Seriously, people, I can't for the life of me understand why anyone continues to do business with NetSol if there are so many better alternatives. Let NetSol execs cry over their $40 stock price, wishing it was back over $200. In the meantime let them know thru their pocketbooks that they should spend less time calculating the value of their stock options and spend more time running their business in a customer friendly manner. If everyone voted with their dollars, then NetSol would quickly improve or VRSN would soon be a $4 stock. Because that's about all it would be worth if their only revenue source was their govt mandated $6 "wholesale" registration fee. BTW I chose Melbourne IT because of their plain language domain name registration agreement. None of this crap about the registrar being able to change the terms at will. Only ICANN can do that to me.
I can access inww.com site thru my browser, using a supposedly "secure" connection. The certificate presented by Melbourne IT is signed by Verisign! :-) It takes me 2 minutes to make a change, not two weeks.
However, all the security you have with *their* certificate is some degree of confidence that you connected to the correct site. What is not provided for secure identification of you to them (apart from the password). PGP authentication (if it works, which with NSI does not seem to be the case anymore, they rejected perfectly valid PGP-signed templates from me for the last few days without indication what they think is the problem, sigh) does provide a mechanism for client-side authentication using strong-encryption technology. While I believe that such is possible with SSL, this does not seem to be used at all, IMHO for the following reasons - lack of tools to generate one's own client-certificate for use with webbrowsers, and/or documentation etc for that and - lack of support by websites for submitting your cert's public part or - lack of certification authorities that accept user-generated certs and are widely accepted by site-operators for this purpose (most CAs seem to generate certs for their customers, which always leaves the possibility for some form of escrow, whether by law, by the CA's policies or internal procedures [backup etc] or even a single rogue staff). I know someone is going to chip in with lots of details and info I have missed/overlooked, and I'd welcome pointers if such services and tools are actually available [in a relatively user-friendly for accessible form]. Mathias
participants (2)
-
Bohdan Tashchuk
-
Mathias Koerber