Hello A.,
There is nothing to stop you from doing the same thing. I am writing
my own client right now for this very reason. A user will have the
option of having their login reset so that it can be used on
manage.opensrs.net (or by default any RSP site that uses the opensrs
provided client scripts), but in doing so they will give up the
ability to use the optional included and premium services. This way
we have one primary login they will use on our site for all the
services, and can manage them in one interface, and makes it easier to
let them have a "one button" setup for things like redirection (which
would automatically change their nameservers to ours for the domain,
etc).
An RSP should not depend on the opensrs login as a means of access to
other services and offers.
Monday, November 20, 2000, 1:10:19 PM, you wrote:
> A difference in RSP scripts vs Domain Direct scripts was previously raised
> and addressed.
> I stumbled across another which may or may not be regarded as a security
> issue, but I know I am not too comfortable with it.
> In essence a user with a domain registered with Tucows through an RSP, can
> use another RSP's site to log into the system and maintain their domain.
> So although someone is not your customer, they can still log into your site
> hmmmm.....
> By contrast a user, cannot log into Domain Direct. However, I am not sure if
> the reverse is possible, i.e. if a user who registered with Domain Direct
> can log into an RSP's site.
> Of course I did not try any hanky-panky and not sure if it is even possible,
> but then there are those (and I don't mean RSP's) who might get up to some
> mischief.
> ais
--
Best regards,
William mailto:[EMAIL PROTECTED]
