At 14/09/2009 08:05 PM, John R. Levine wrote:
Personally, I think that the registrar should send a verification code to the paper mailing address provided by the registrant, and not activate the domain until the registrant receives the code and shows (probably by web or email response) that he or she has received it.
I realize this would make the registration process considerably slower and somewhat more expensive, but I see no public interest reason why that's a bad thing.
I would guess that this would only need to be done for new Registrar:Registrant relationships. Once such a trust relationship is established (perhaps periodically renewable) additional registrations would not need to go through the process, thereby significantly reducing the potential impact.
So long as you were sure that it was the same person and not just someone borrowing the same contact details, I'd agree.
My assumption in writing the above was that some sort of ongoing credential (perhaps call it a "password") could be used.
However, it is unclear if this could be effectively implemented in parts of the world with inadequate paper-mail capabilities.
Are there really places with Internet connectivity where you can't get a letter with one sheet of paper delivered? I realize that parcels get pilfered, but letters?
Getting the 1 sheet delivered in a predictable time is a bit harder. But just assuring delivery is a problem also. Hey, at my old university, one of the attractive parts of networks and e-mail was that it by-passed slow, internal paper mail. The same is true in many parts of the world today. But let's not get hung up on the mechanism of increasing the credibility of the identity. Paper will work in some parts of the world, and I am sure there are other mechanisms that would work elsewhere. Alan
R's, John