česky | english
Who is eligible as the OWNER of a domain?
Draft of Question :
>> But now I am wondering if the authentication by email only is >> sufficient. At least if adresses as "webmaster" or "postmaster" >> are used. Shouldn't it rather be only admin, or so?? Or a complete >> other method, since having access to one of those email adresses >> doesn't mean that the person should have the power to get a >> certificate for that domain. The other way around I agree (having the >> power, one can get such/any such email adress, so maybe it should be a >> email@example.com)
Draft of Answer :
Many email addresses have standard internet roles for SMTP, DNS, ... and their usage is highly restricted and valuable sys admins are carefully handling them.
Anyway if you add your email address when you register your domain, you would be able to verify the domain with your "personal" or other email address.
take care : the address mentioned will be scanned and used by spammers!
also lock your domain "Status: REGISTRAR-LOCK"
For example try to look at the list of emails that can be used for _m*cros*ft.com_ domain. If you pass the verification of this domain, let us know. Oh well, Good Luck!
In this example, firstname.lastname@example.org is a valid address for validating the domain in CAcert.org:
[gr@gr gr]$ whois grhq.net Whois Server Version 1.3 Domain Name: GRHQ.NET Name Server: NS.OVH.NET Name Server: DNS.OVH.NET Status: REGISTRAR-LOCK [...] domain: GRHQ.NET person: ROMAGNY Guillaume adresse: PARIS, 75 75019 adresse: FR email: email@example.com