I would have to agree with your assessment, the phone number is entered at the end of the order process by the person placing the order- has nothing to do with the whois etc.. I guess it can be viewed as a second 'hoop' you have to go through.
Kim Phelan Product Manager Tucows, Inc. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Robert L Mathews Sent: Thursday, March 13, 2003 2:53 PM To: [EMAIL PROTECTED] Subject: RE: SSL Certs: Geotrust CSR instruction link in script At 3/13/03 6:38 AM, Kim Phelan wrote: >Not yet, and I am pushing for "not ever" but I would love to hear people's >feedback. > >Geotrust is instigating a telephone verification into their QuickSSL >product to >provide more robust authentication on the QuickSSL product line. They give >you a >code when you place the order, then they call you at the number >designated, and >you enter this number. Maybe I'm not understanding something, but how does that increase security? Do they only call the number shown in the WHOIS record, or the D&B record, or something? >My initial reaction to this approach was that there might be different phone >systems, and an english centric approach. >I was considering making this something (eventually) that you could >"opt-in" or out of depending on your preferences. I very much like the system without the phone verification. I recently ordered a QuickSSL cert using e-mail verification, and I was very pleased with how quickly it went. Adding phone calls would be a step backwards (it seems like few people answer their phone any more). ------------------------------------------------- Robert L Mathews, Tiger Technologies
