On Tue, 16 Sep 2003, Keith Moore wrote:
> their mistake is in assuming that they can respond appropriately
> for all ports - particularly when the association of applications
> with known ports is only advisory, and many ports are open for
> arbitrary use.
> Agreed but this is overstating the issue since interoperability
> demands we know which port is doing what and when.
only the app (not the entire network) needs to know which port to use,
and this doesn't require that every port be assigned to a specific
You can't have it both ways. Either the app is so widespread that the
port in use is at least a de facto standard or it is a "de jure"
standard. Either way it is possible to respond appropriately. And
there aren't that many apps that fall into this category.
But I do agree that in the general case there are a lot of ports to
worry about. I just don't think the general case is a practical
concern. So perhaps we just disagree?
> in fact, a 550 response in SMTP is a different condition from
> NXDOMAIN, and sometimes the difference is important - as the spam
> filter folks have discovered.
> Yes and this could be fixed with a new well-defined error code
NO Jim. VERISIGN DOES NOT HAVE THE RIGHT TO IMPOSE DISRUPTIVE CHANGE
ON THE INTERNET, not even with advance notice.
I'm not so sure. Others on this list and other lists, some more
qualified than I, have been asserting there are no rules -- technical or
otherwise -- to prevent Verisign and others from doing what they've
done. Oh we can certainly debate philosophical positions like "do not
harm," but what exactly is the disruption here?
Correct me if I'm wrong, the principal disruption -- and I want to
emphasize disruption here -- I've seen is that a particular spam
indicator no longer works as expected. Is there more to this than that?
Okay, yes, there may be technical DNS issues but it is still not
disruptive to the Internet infrastructure in general as far as I can
There seems to be no shortage of reasons to dislike the behavior but
what exactly has been disrupted?
> None of this makes it right but let's focus on the issue not Verisign.
Yes, let's focus on the issue. But let's not ignore who is doing it
Ignore, no. But let's not start Verisign bashing either.
What's wrong for VeriSign is wrong for the other TLD operators also.
But Verisign causes much more harm by screwing COM and NET than the
operators of ccTLDs do.
But what exactly is the "screw" here?