From: Greg Small (gts_at_uclink.berkeley.edu)
Date: Wed Sep 17 2003 - 10:20:10 PDT
Ross,
Can you give an example of a non-existent host or domain that "responds"
so that I can test this?
The link you gave goes on and on about anti-competitive practices but is a
little short on comparison of practices of other companies that would be
necessary to single out VeriSign as an "evil empire".
The wait list and the delay before making an existing domain name available
seems more reasonable than whoever just happens to get there first. Presumably
one could register for a new domain and also sign up for the waiting list for
than same domain as a way of protecting against accidental loss of your
domain due to paper work foul ups. Also the fee deters bounty hunters who
only want the domain to resell it or to disadvantage someone.
Greg Small On a network, paranoia is
Security Infrastructure Project just good thinking!
Workstation Software Support WSS/IST Systems Programmer for 36
University of California at Berkeley years and it's still fun!
0--------1---------2---------3---------4---------5---------6---------7--
"http://wssg.berkeley.edu/SecurityInfrastructure/"
0--------1---------2---------3---------4---------5---------6---------7--
At 09:36 AM 9/17/2003 -0700, rossd_at_cns.me.berkeley.edu wrote:
>For those who haven't heard, Verisign mucked with their root
>servers by implementing a new system which redirects any non-existant domains
>or hosts that are not responding to their own servers and apparently did
>it with
> no more than an hour or two notification and no input from the Internet
> community.
>
>This has already be shown to break the following:
>
> Many anti-spam tools have broken as a result of nonexistent domains now
> appearing to exist
> Passwords and other private information that are accidentally sent to
> the wrong URL or
> a nonresponsive URL will go through Verisign's servers
> SMTP (outgoing mail) is apparently listening on all nonexistent domains
> or nonresponsive hosts.
>
> Not that this is something new, some other TLD's have similiar shady
> practices;
> it's just .com and .net affect ALOT more people.
>
>----- Forwarded message from "Jonathan A. Zdziarski"
><jonathan_at_nuclearelephant.com> -----
>There's a link to a great rant about this in an article I wrote up today
>about Verisign's Anti-Competitive history at
>http://www.nuclearelephant.com/papers/verisign.html.
>----- End forwarded message -----
>
>--
>"Never increase, beyond what is necessary, the number
>of entities required to explain anything"
>- William of Ockham (1285-1349)
>
>------------------------------------------------------------------------
>The following was automatically added to this message by the list server:
>
>For information about Micronet, including subscribing to
>or unsubscribing from its mailing list and finding out
>about upcoming meetings, please visit the Micronet Web site:
><http://micronet.berkeley.edu/>.
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
This archive was generated by hypermail 2.1.5 : Wed Sep 17 2003 - 10:21:02 PDT