From: Bennett Oprysa 
Sent: Wednesday, 31 August 2005 11:24 PM
To: jo.lim@auda.org.au
Subject: password policy

Jo,

I have some comments on the password policy.

The first is regarding password retrieval. I don't think the current clause 4 is 
adequate, it should be made mandatory that all registrars provide an automated 
and instant retrieval tool for their clients, or there should be a central place 
that provides this service for all domains, ie auDA or AusRegistry.

Another issue is the content, due to a number of technical issues, blank spaces 
should not be allowed in a password.

Clause 2.1 should be amended to make it clear that the initial password must be 
sent by the registrar to the registrant by email immediately upon registration, 
and should not be confused or replaced by other authentication passwords/keys that 
registrar chooses to use for their internal purposes.

Regards,
Bennett Oprysa
Enetica Pty Ltd.