Brad Knowles wrote:
At 4:47 AM +0200 2003/09/17, Markus Stumpf wrote:
Btw. there are about 10 other TLDs that also have *.tld records.
Please don't get me wrong, I am really upset about VeriSigns "coup",
but there is more to fix than just .com/.net and not all white hats
are without big black spots ...
Right. This is why ISC is working on a real solution to the overall
problem. According to the article by Declan McCullagh at
<http://news.com.com/2100-1032_3-5077530.html>, there should be a fix
for this published by tomorrow.
Here is a relevant message from the IETF mailing list:
-------- Original Message --------
Subject: Re: [Fwd: [Asrg] Verisign: All Your Misspelling Are Belong To Us]
Date: 17 Sep 2003 02:32:42 +0000
From: Paul Vixie <vixie(_at_)vix(_dot_)com>
To: ietf(_at_)ietf(_dot_)org
References:
<Pine(_dot_)WNT(_dot_)4(_dot_)51(_dot_)0309161004490(_dot_)2996(_at_)office(_dot_)elistx(_dot_)com>
> It is worth noting that if we are to "pass judgement against" Verisign
> there are at least half-dozen other TLDs that blazed the trail. We just
> overlooked them because of their size as compared to .NET and .COM.
when people started beating on my phone ringer about wildcards yesterday
evening, and screaming for patches to bind to somehow make it all better,
i asked "but other tld's do this, what's the big deal?" as near as i can
figure it, the problem is one of expectation. if someone signs up for .nu
they know there'll be a wildcard there before they sign, and they can take
appropriate precautions (like only using it for web or e-mail, and not
naming hosts under that tld). the expectations for .com and .net to not
have wildcards were all set many years ago, and it's the violation of those
expectations that's got people angry enough to publish patchware about it.
--
Paul Vixie
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg