Re: The entire mechanism is Wrong!

[Richard Cox <Richard () Mandarin com>]

On Mon, 17 Jan 2005 07:12:58 +0000 (GMT)
"Christopher L. Morrow" <christopher.morrow () mci com> wrote:

> provided their contract requires some form of 24/7 support, and
> there is an SLA to manage that requirement.  If there isn't then
> there is no need for 24/7 support (no contractual reason), it
> just becomes a business differentiator for clients when chosing
> registrar X or registrar Y
>
> (or so it seems to me)

Then you miss the point that there was no contractual relationship
between the real PANIX and MelbourneIT, yet in the first instance it
was MelbourneIT that needed to respond so that an investigation into
this unfortunate incident could be started.

However excellent the SLA that a domain owner may have with their
registrar, it is inevitably of no value when the central system is
compromised (as appears on the surface to have been the case here).

Your argument would have been completely sound if, in addition to
whatever level of customer support they choose/contract to provide,
there were an obligation for every accredited registrar to guarantee
a response within a given timescale and on a 24/7 basis, to any
emergency request received from any other accredited registrar.

Indeed, such may already have been the case.  Fire Drills have a habit
of discovering shortcomings within well-planned emergency arrangements!

-- 
Richard Cox