VeriSign to offer 2-factor security and better registry lock
Hi folks, VeriSign intends to offer 2-factor security and a better registry lock, see requests 200904 and 200905: http://www.icann.org/en/registries/rsep/ http://www.icann.org/registries/rsep/verisign-auth-request-25jun09.pdf http://www.icann.org/registries/rsep/verisign-reglock-request-25jun09.pdf I've long been in favour of 2-factor security, so this might be very positive. However, it concerns me that VeriSign might be abusing its monopoly to overcharge for the services relative to what the price would be with competition. Indeed, for those who've cared about "tiered pricing" you'll note they even use the phrase in the section on pricing for the registry lock service (i.e. page 4, "VeriSign intends to charge registrars based on the market value of the Registry Lock Service. VeriSign expects to offer a tiered pricing model"). Furthermore, given the lawsuit out there attempting to break VeriSign's abusive monopoly, which would hopefully eventually lead to regular tender process for dot-com (and other gTLDs) it is important to ensure that these new services don't help VeriSign solidify vendor lock-in, and that they can be transitioned to a new registry operator should a competitor end up winning a future tender process. Also in general it's a good idea to raise security for *everyone* and not just those willing and able to pay a premium. One will note PayPal only charges a one-time fee of $5 for their security key (for their 2-factor security) or $0 for SMS, and then the ongoing costs are $0. https://www.paypal.com/securitykey That security key that PayPal uses comes from VeriSign: http://www.infoworld.com/d/security-central/paypal-ebay-offer-security-key-u... VeriSign should not be able to abuse its monopoly by overcharging for long-needed security updates for registrants. Sincerely, George Kirikos 416-588-0269 http://www.leap.com/
please start sending all ICANN and BC emails to bullypulpit2002@yahoo.com. Please take this email off the list and replace it with bullypulpit2002@yahoo.com. On Mon, Jun 29, 2009 at 6:20 AM, George Kirikos <icann@leap.com> wrote:
Hi folks,
VeriSign intends to offer 2-factor security and a better registry lock, see requests 200904 and 200905:
http://www.icann.org/en/registries/rsep/ http://www.icann.org/registries/rsep/verisign-auth-request-25jun09.pdf http://www.icann.org/registries/rsep/verisign-reglock-request-25jun09.pdf
I've long been in favour of 2-factor security, so this might be very positive. However, it concerns me that VeriSign might be abusing its monopoly to overcharge for the services relative to what the price would be with competition. Indeed, for those who've cared about "tiered pricing" you'll note they even use the phrase in the section on pricing for the registry lock service (i.e. page 4, "VeriSign intends to charge registrars based on the market value of the Registry Lock Service. VeriSign expects to offer a tiered pricing model").
Furthermore, given the lawsuit out there attempting to break VeriSign's abusive monopoly, which would hopefully eventually lead to regular tender process for dot-com (and other gTLDs) it is important to ensure that these new services don't help VeriSign solidify vendor lock-in, and that they can be transitioned to a new registry operator should a competitor end up winning a future tender process.
Also in general it's a good idea to raise security for *everyone* and not just those willing and able to pay a premium. One will note PayPal only charges a one-time fee of $5 for their security key (for their 2-factor security) or $0 for SMS, and then the ongoing costs are $0.
https://www.paypal.com/securitykey
That security key that PayPal uses comes from VeriSign:
http://www.infoworld.com/d/security-central/paypal-ebay-offer-security-key-u...
VeriSign should not be able to abuse its monopoly by overcharging for long-needed security updates for registrants.
Sincerely,
George Kirikos 416-588-0269 http://www.leap.com/
participants (2)
-
Chuck Warren -
George Kirikos