The answer to this is usually Mark Monitor.
> On Oct 4, 2014, at 6:49 PM, Phil Pennock <[email protected]> > wrote: > > Folks, > > I know which registrars I like for personal use, there's a few which are > competent, but I'm having a hard time finding someone "not broken" for > corporate use by my employer. Suggestions welcome, but please see the > requirements. > > Requirements: > > 0. Registrar only; whether or not they do DNS, SSL certs, whatever is > irrelevant, as long as we can set DNS servers to point to our own > selection of NS hosts. > 1. No shared passwords; each user authorized to access the registrar > has their own account, with their own password. > 2. Strong desire that it also support 2FA, with admin overviews of who > does or does not have 2FA enabled; we'll reluctantly let this one > slide if we can find a provider who meets the other reqs. > 3. The user who signs in is not "the contact" in whois: role contacts > should be set for each publicly visible contact, _multiple_ people > able to make technical changes, etc. > 4. Whois privacy service available (for those TLDs which allow it). > 5. Ideally, billing-only accounts, who can manage corporate > credit-cards on file, etc, but not make tech changes (and tech > accounts which can't retrieve billing details); but this one, again, > we can let slide. > > The bare minimum threshold is points 1 and 3 -- basically, competent > account management for the idea that the person accessing the service is > not "the customer" but "someone working at the customer". This is not a > high bar. Even in the SSL CA business, the DNS business and the CDN > business, it's not hard to find companies who can manage these points. > When the SSL CA business can pass the bar, I know it's not a high bar. > > Price is not a primary driver. > > Gandi is decent for personal use, but their way to implement 1 is to > fail on 3, because they've associated public NIC handle too closely with > user accounts. We do not want SPOFs in staff, not even for me ;) > because I could be hit by a bus sliding down a Pittsburgh hill in the > snow and become a pancake. Given that a modern Internet company has > their domain as a critical corporate asset, it's unacceptable to only > have a "shared known password" as the only protection on the domain. > > Please, who is there out there for companies, to have half-way competent > domain registration and access controls? > > Thanks, > -Phil > _______________________________________________ > Discuss mailing list > [email protected] > https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss > This list provided by the League of Professional System Administrators > http://lopsa.org/ _______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
