On Thu, 19 Aug 2004, Koen Martens wrote:
On Thu, Aug 19, 2004 at 03:15:45PM -0400, David Brodbeck wrote:
On Thu, 19 Aug 2004 20:18:00 +0200, Koen Martens wrote
Grin,
I got your point all along.
I was just trying to get some discussion going by elaborating a bit,
but so far only Mark has joined in and he hasn't really answered the
problem with sub-domaining if you ask me.
I guess this means a.example.com is just screwed if b.example.com
misbehaves..
Does this also mean that if spammer.co.uk misbehaves, the entire rest of the
co.uk domain is screwed?
It does if you take co.uk as the entity to which you assign
reputation.. That's the difficulty with it, where to draw the line..
If you attach the reputation to 'spammer.co.uk' you get said problem that
spammer.com just uses 'a.spammer.com' 'b.spammer.com' 'c.spammer.com' etc..
You should also realize that there is difference between good reputation
and blacklisting. Reputation is whitelisting of known good domains based
on the request of domain owner and confirmed and verified by reputation
service.
As such company that ownes domain "a.com" is the one requesting reputation
or trust for its domain from reputation service and this company may also
have subdomains sub1.a.com and sub2.a.com that it wants to be trusted just
as much as a.com, in such case it should ask about them separately. At the
same time, if a.com is certain that it controls all subdomains under it,
it could ask for reputation of all subdomains *.a.com (if reputation
system supports such wildcards) and if any of the sudomains misbehave,
then a.com is responsible. I suspect that co.uk register would never ask
for same reputation for all *.co.uk domains, as such there should be no
concern that somehow any a.co.uk domain is associated with co.uk in
reputation or other way around.
Now as far as blacklists, they are created of third party and list known
bad domains. In such a case, it may well be that some third party would see
a patern of bad subdomains from a.com (sub1.a.com, sub2.a.com, etc) and
decide that its actual entire a.com that is under control of spammers
and that entire *.a.com should be blacklisted. But its likely that these
third parties would have enough technical knowledge to properly determine
that co.uk is a well known registrar and should not be blacklisted because of
bad domains under it. If they make bad determinations and blacklist too
many "*.domain.com" impoperly, such blacklist would no longer be trusted
by others using the blacklist.
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net