From: rossd_at_cns.me.berkeley.edu
Date: Wed Sep 17 2003 - 09:36:59 PDT
For those who haven't heard, Verisign mucked with their root
servers by implementing a new system which redirects any non-existant domains
or hosts that are not responding to their own servers and apparently did it with
no more than an hour or two notification and no input from the Internet community.
This has already be shown to break the following:
Many anti-spam tools have broken as a result of nonexistent domains now appearing to exist
Passwords and other private information that are accidentally sent to the wrong URL or
a nonresponsive URL will go through Verisign's servers
SMTP (outgoing mail) is apparently listening on all nonexistent domains or nonresponsive hosts.
Not that this is something new, some other TLD's have similiar shady practices;
it's just .com and .net affect ALOT more people.
----- Forwarded message from "Jonathan A. Zdziarski" <jonathan_at_nuclearelephant.com> -----
There's a link to a great rant about this in an article I wrote up today
about Verisign's Anti-Competitive history at
http://www.nuclearelephant.com/papers/verisign.html.
----- End forwarded message -----
-- "Never increase, beyond what is necessary, the number of entities required to explain anything" - William of Ockham (1285-1349) ------------------------------------------------------------------------ The following was automatically added to this message by the list server: For information about Micronet, including subscribing to or unsubscribing from its mailing list and finding out about upcoming meetings, please visit the Micronet Web site: <http://micronet.berkeley.edu/>.
This archive was generated by hypermail 2.1.5 : Wed Sep 17 2003 - 09:40:34 PDT