Hi George, Our migration to EPP went smoothly over the weekend. We have not added auth_codes to the migrated domains. The plan is to start populating the registry database later this week with auth_codes for existing domains. Until that time, registrants can still set the auth_code for their domains prior to requesting a transfer.
Once the registry database is populated, auth_codes will be generated when the domain is looked up via one of our interfaces. Any domains registered after the switch-over will have the auth_codes set for them. Greg Frank Product Manager, TLDs Tucows -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of George Kirikos Sent: Saturday, August 26, 2006 5:11 PM To: [email protected] Subject: [domains-gen] Transition of Tucows .com/net to EPP today Hi, I noticed today is the big day for the transition of the .com/net names at Tucows to EPP, from RRP. I was curious how it's going so far. Will all domains be initially assigned a random EPP auth_info to begin with? That might be a nice function to put into the RWI, to allow resellers to occasionally do a bulk randomization of the EPP codes for security, assuming Tucows has a good random password generator. One thing I noticed in the transfers code generator that Tucows uses at present is that all the easily confused letters are possible, e.g. ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz 0123456789 It might be better to use a slightly smaller subset, i.e: ABCDEFGHJKLMNPQRSTUVWXYZ abcdefghijkmnopqrstuvwxyz 0123456789 Dropping the following: I = capital "i" (looks like lowercase "L" with many fonts) O = capital "o" (looks like zero) l = lowercase "L" (looks like capital "i") 0 = zero (looks like capital "o") 1 = "one" (looks like lowercase "L or capital "i") Reducing the allowed characters from 62 to 57 slightly reduces the security, for a fixed password length, so one can add 1 or 2 more characters to the password to get it back to the same strenth as the original password. Alternatively, one can think of adding characters like: ! @ # $ % * - to the passwords, if the system allows it (although, one has to be careful, as for example the dollar sign $ might not appear on keyboards of Europeans, like they do for Canada/US -- they might have a Euro or a Pound sign there instead??). Sincerely, George Kirikos http://www.kirikos.com/ _______________________________________________ domains-gen mailing list [email protected] http://discuss.tucows.com/mailman/listinfo/domains-gen _______________________________________________ domains-gen mailing list [email protected] http://discuss.tucows.com/mailman/listinfo/domains-gen
