Slashdot Mirror
Paul Vixie And David Maher On VeriSign Wildcarding
chromatic writes "The O'Reilly Network has just published an interview with Paul Vixie, chairman of the board of the Internet Software Consortium and a primary author of BIND. Topics include the recent VeriSign controversy, ISC's BIND patch in response, and other potential issues that might come to light in the near future." On a related note, dmehus writes with a link to the letter sent by David Maher, chairman of the Public Interest Registry -- the .org registrar, to ICANN President and CEO Paul Twomey. "The letter says that it supports ICANN's call for VeriSign to voluntarily suspend SiteFinder and the Internet Architecture Board preliminary position paper. It goes on to say that PIR will not be implementing any DNS wildcard to the .ORG zone. It urges ICANN to stand its ground, but also to implement a policy preventing registries from taking this kind of unilateral action in the future." The letter is in .doc format, but AbiWord and OpenOffice.org both open it fine.
legally, is veri allowed to redirect requests to their own domain? if not, who has the rights to unused domain names?
Gee, that's nice, but in the meantime, it aids spammers, since I can no longer tell if the sender's address is from a valid domain. With Verisign's corruption of the root servers, *all* .com and .net domains will now come back as being valid.
You're telling me that if you get a "server not found" page, you're too stupid to figure out you misspelled something?
This is an absolute abuse of Verisign's position. They are contracted to *maintain* the database, not warp it to their own *commercial* purposes. If this was actually a valid service, they would have had no trouble with proposing it to the Internet standards bodies before implementing it. Instead, they're defying those organizations. Worse yet, they've actually put me in the position of agreeing with ICANN.
Though you've been modded flaimbait, I'm assuming you were simply posting from the perspective of a strictly web user, who could presumably be helped (emphasis on presumably) by being redirected to SiteFinder and pointed to the proper site.
I think the main thing that has admins screaming, however, is that SiteFinder breaks so many other services just to provide a questionable service for web surfers. Sure, surfers may benefit, but email admins, DNS admins, and many others are banging their heads against the wall because of the problems Verisign's divergence from accepted protocol has caused them.
Just a thought.
It's a question of the duties of a provider of infrastructure.
.com and .net), Verisign is, as I said, a monopoly.
There's a certain relationship between a consumer of infrastructure and a provider of it. The consumer must trust the infrastructure to do what it is supposed to do, and nothing more.
This is no different from ISPs randomly redirecting users to their own branded search engine when you type in "www.google.com", or an ISP's employee intercepting passwords and using them to steal money.
Infrastructure providers inherently have a lot of control over the services they provide. There is a duty there to provide the service as expected, without changing the content that is carried.
Verisign's position as a chartered monopoly makes this duty even more important, because consumers have no choice to use an alternative.
I'm not sure what you mean by "No one's made use of it before"... No one else could make use of it (in
Other CCTLDs have used wildcards before, but no one much cares about some island that is abusing the CC system to make extra money.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
I do. I run the DNS servers at an ISP, and I am planning to apply the ISC patch that restricts delegation from root servers (as soon as the bugs are shaken out of it -- give it a week or two.) I, and all the other sysadmins out there, decide whether SiteFinder works or not.