Re: Transferring a domain



On Wed, 8 Jan 1997, Kent Crispin wrote:

> I think David had a much simpler thing in mind -- unfortunately, it
> doesn't work...I am not even sure that a vast global public key ring
> would work, unless you completely give over control of the db records
> to the end user.  Now *that's* an interesting idea. 

Why shouldn't the user have total control over the db records? They are
the ones publishing the information, aren't they?

When my truck insurance expires here in B.C., I can go to any insurance
agent in the province to renew. The central insurance agency mails me
a renewal form but I can pay it at any Autoplan agent. Why shouldn't the
DNS work like this? CORE would record whether or not a domain is paid in
full. If so, it is active, if not it is on hold and not in the DNS. The
domain name owner must go to some registrar or other and pay their annual
fees. The registrar then tells CORE that the domain name is paid in full
until the expiry date next year. Some may argue that the payment status is
private information, but I would argue that my insurance payment status is
fully public since my pickup truck has a sticker on the licence plate with
the expiry date on it.

Now, how does a domain name owner authenticate themselves with a new
registrar? Well, when CORE emails or snail-mails the renewal notices, they
include a key number. The user presents this key number with their payment
and the registrar then registers the payment with the key number. If a
domain name owner needs to make a change for some reason the same
procedure applies. For instance, their ISP fails so now all email
addresses and DNS information on their record is invalid and needs to be
updated. The user must now satisfy CORE that they are the legitimate
domain name owner. The easy way to do this is for all new domain name
owners to receive a similar key that is reserved for information changes.
They pull this key out of the file and supply it to the registrar with the
new information. Once the new info is recorded, the key is expired and a
new key is emailed to them for the next change. 

So, you can see that there are two sequences of keys, one of which is used
for payments and one of which is used for other changes. Each key is used
once only. The keys are transmitted directly from CORE to the user so that
the registrar cannot intercept them. Nobody needs crypto software except
CORE who generate the keys.

Obviously there will be cracks but we do have things like fax machines,
notarized photocopies of company identity documents, etc. for the special
cases. And if some people find typing in 512 bit keys to be onerous, it is
always possible to set up the billing renewal system so that both email and
snailmail notices are sent simultaneously. 

The cost of postage for CORE to snail-mail all the notices is not a valid
complaint because this cost should be part of the overhead fees charged to
the registrars. There are ways to handle international mailing by doing
bulk shipments to another country for remailing there and the accuracy
and timing of such mailings can be monitored quite easily by including
bogus notices to helpers in various countries who email CORE when they
have received their bills. The registrars are the front-end customer
service reps, but CORE is the maintainer of the registry.


Michael Dillon                   -               Internet & ISP Consulting
Memra Software Inc.              -                  Fax: +1-604-546-3049
http://www.memra.com             -               E-mail: michael@memra.com
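
The two one-time key sequences described in the message above, sketched as an added example (it is not part of the original post or of any CORE system). The Registry class, its method names, the in-memory outbox and the choice to store only SHA-256 digests of live keys are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

KEY_BYTES = 64  # 512-bit keys, the size mentioned in the message


class Registry:
    """Hypothetical stand-in for CORE, the only party that generates keys."""

    def __init__(self):
        self._live = {}       # (domain, sequence) -> digest of the one valid key
        self.outbox = []      # (domain, sequence, key) sent straight to the owner
        self.paid_until = {}  # domain -> expiry year
        self.records = {}     # domain -> contact/DNS record

    def _issue(self, domain, sequence):
        key = secrets.token_hex(KEY_BYTES)
        # Keep only a digest so the registry table never holds a usable key.
        self._live[(domain, sequence)] = hashlib.sha256(key.encode()).digest()
        self.outbox.append((domain, sequence, key))
        return key

    def _redeem(self, domain, sequence, key):
        expected = self._live.get((domain, sequence))
        presented = hashlib.sha256(key.encode()).digest()
        if expected is None or not hmac.compare_digest(expected, presented):
            return False
        del self._live[(domain, sequence)]  # each key is used once only
        return True

    def register(self, domain, record):
        self.records[domain] = record
        return self._issue(domain, "change")  # key reserved for information changes

    def send_renewal_notice(self, domain):
        return self._issue(domain, "payment")  # key number included in the notice

    def record_payment(self, domain, key, expiry_year):
        # Called by any registrar, relaying the key the owner presented.
        if not self._redeem(domain, "payment", key):
            return False
        self.paid_until[domain] = expiry_year
        return True

    def record_change(self, domain, key, new_record):
        if not self._redeem(domain, "change", key):
            return False
        self.records[domain] = new_record
        self._issue(domain, "change")  # next change key goes to the owner
        return True
```

A registrar in this sketch only ever relays a key that is consumed by the call it makes, so a key it has seen cannot be replayed, and a payment key cannot be used to alter the record.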