On Tue, Jan 22, 2002 at 08:22:46AM -0500, Scott Allan wrote: > > > >Although I realize there are issues here, it would be nicer to allow me to > >query for a users password using the (secure) RWI and then I can > >communicate that password to my customer securely (notably with a PGP > >encrypted message). > > I guess my response would be that should someone's email account become > compromised (or data sniffed), the ability to do all sorts of damage has > always been there. I am not sure how to design against this - allowing > registrants to have their U:P combo sent to them is a really useful > feature, and is pretty standard. I can't think of a way that improves > security without seriously compromising usability... PGP is nowhere near > widely enough deployed - I guess we could let resellers globally disable > this for their names, but that would likely not be an option that many > would choose, therefore not greatly improving security (it would of course > allow those who desire greater security to have it).
I would be heartily interested in using a system which allowed the password to be collected via the API for secure dissemination to the customer by the RSP. We already give customers the option of receiving their invoices via email that is PGP signed, encoded or both. It has been a silent beef of mine for some time that the only way to get a customer his domain management password is in cleartext email. > My understanding (perhaps wrong) is that plain text data (password) > sniffing exploits are pretty rare - anyone violently disagree? It has > always struck me as something that it is possible, but not generally worth > it. In this case, not only would you have to be able to guarantee you could > get all the mail sniffed, but also be familiar with the OSRS manage system. It really depends on the particular RSP. We had an incident just a few weeks ago in which a unix server close to a router at our upstream was compromised, and the leftover logs that were discovered indicated that cleartext POP3 logins to my co-lo customers had been properly sniffed. It's unknown how long the cracker was sniffing, and/or if he managed to grab FTP, IMAP, HTTP and telnet passwords that simply didn't have leftover logs on the box. In November, a customer's Cobalt on my network was compromised, and the cracker may have managed to snarf a few days worth of POP3 logins from my customer's dialup pool. These things *do* happen, in some places more frequently than in others. If the development tools to protect myself from them were available, I would certainly use them. Does OpenSRS feel there's a liability issue in providing cleartext passwords to RSPs? -- Paul Chvostek <[EMAIL PROTECTED]> Operations / Development / Abuse / Whatever vox: +1 416 598-0000 it.canada http://www.it.ca/
