A domain name registration system in which registry services are shared among multiple independent registrars is a Shared Registration System (SRS.) The SRS presently implemented on the Internet utilizes the Extensible Provisioning Protocol (EPP), a text/XML protocol that permits multiple service providers (such as registrars) to perform object provisioning operations using a shared central object, such as a registry. EPP includes extension mechanisms that provide for the modification and/or addition of implementation-specific features and other object management capabilities.
Security is needed for a SRS to protect the integrity of domain name registrations. For example, security measures are implemented to ensure that only accredited registrars can add, delete or otherwise modify a domain name record at a registry. Such security measures can include requirements that the registry authenticate a registrar before the registry processes EPP commands. The registry can authenticate the registrar by verifying the registrar's digital certificate, requiring and verifying a registrar password, verifying that the registrar's communications originate from an IP address (or address range) known to be associated with the registrar, etc.
Security measures can also be implemented for communications between a registrant and the registrar. This is important to ensure that modifications requested for a domain name properly originate with an authorized party, such as the registrant itself. Such security measures can include requiring and verifying a registrant password at the registrar, verifying the registrant's digital certificate, etc.
Another security measure is Auth Info, which includes a secondary password used to authorize domain name transfers. When a registrant wishes to initiate a transfer, the registrant provides its Auth Info password to the gaining registrar, who uses it to initiate the transfer request. The use of the secondary Auth Info password can prevent the unauthorized transfer of a domain name.
Known security measures are not entirely effective against all threats. For example, an unauthorized entity that has stolen the actual registrant's credentials can pose as the registrant and improperly add, delete or modify a domain name record in the registrant's name. Likewise, a registrar (or an entity posing as a registrar that has the registrar's credentials) can improperly add, delete or modify a registrant's domain name record. What is needed is a system that can ensure verify the actual registrant's authorization to make changes to a domain name record.