VeriSign to offer 2-factor security and better registry lock
- To: GNSO GA Mailing List <ga@xxxxxxxxxxxxxx>
- Subject: VeriSign to offer 2-factor security and better registry lock
- From: George Kirikos <gkirikos@xxxxxxxxx>
- Date: Mon, 29 Jun 2009 05:23:08 -0700 (PDT)
VeriSign intends to offer 2-factor security and a better registry lock, see
requests 200904 and 200905:
I've long been in favour of 2-factor security, so this might be very positive.
However, it concerns me that VeriSign might be abusing its monopoly to
overcharge for the services relative to what the price would be with
competition, in agreement with what Danny mentioned yesterday:
Indeed, for those who've cared about "tiered pricing" you'll note they even use
the phrase in the section on pricing for the registry lock service (i.e. page
4, "VeriSign intends to charge registrars based on the market value of the
Registry Lock Service. VeriSign expects to offer a tiered pricing model").
Furthermore, given the lawsuit out there attempting to break VeriSign's abusive
monopoly, which would hopefully eventually lead to regular tender process for
dot-com (and other gTLDs) it is important to ensure that these new services
don't help VeriSign solidify vendor lock-in, and that they can be transitioned
to a new registry operator should a competitor end up winning a future tender
Also in general it's a good idea to raise security for *everyone* and not just
those willing and able to pay a premium. One will note PayPal only charges a
one-time fee of $5 for their security key (for their 2-factor security) or $0
for SMS, and then the ongoing costs are $0.
That security key that PayPal uses comes from VeriSign:
VeriSign should not be able to abuse its monopoly by overcharging for
long-needed security updates for registrants.