Top Level .xxx Domain Concept Under Scrutiny
An anonymous reader writes "The Bush administration is objecting to the creation of a .xxx domain, saying it has concerns about a virtual red-light district reserved exclusively for Internet pornography. This is despite the .xxx domain being approved in June and New.net selling domain names using the .xxx suffix for many months before the approval." From the ZDNet article: "The sudden high-level interest in what has historically been an obscure process has placed the Internet Corporation for Assigned Names and Numbers (ICANN) in an uncomfortable position. ICANN approved the concept of an .xxx domain in June and approval of ICM Registry's contract to run the suffix was expected this week. Other governments also have been applying pressure to ICANN in a last-minute bid to head off .xxx. A letter from ICANN's government advisory group sent Friday asks for a halt to 'allow time for additional governmental and public policy concerns to be expressed before reaching a final decision.'"
What he's saying is that kids can easily type "http://1.2.3.4" and reach the same place as "http://hugeyams.com". The only way to prevent that is to see if there is a DNS record linking 1.2.3.4 to hugeyams.com and put up a denial messagebox if so.
But this breaks for four main reasons:
1) DNS names can map to one or many IP addresses. "hugeyams.com" might be a server farm, or a mapping that changes every night. The mapping isn't 1-to-1, it isn't constant, and you can't rely on your information being current with broken caching servers out there.
2) "1.2.3.4" could be a single server hosting thousands of "separate sites" including hugeyams.com and aclu.org. Block one and seriously violate the constitutionally-protected speech of the other (political speech trumps all other speech).
3) A huge number of IP addresses do not have the right DNS name mappings (PTR to CNAME records in the in-addr.arpa domain), or they may have no PTR record at all. ('Net history: at one time the only incentive at all to fix this was to get access to the download site for the 128-bit encryption version of Netscape.) Getting 100% of the 'Net admins to maintain PTR records is practically impossible.
4) Even if a PTR record exists, the web site owner has no control of it, the ISP of their hosting company does. What you (as a porn operator) pay $50/year to call "hugeyams.com" they might call "39876fb-box55-eth1.sf.us.bigassisp.net".
So even if ".xxx" is adopted as a TLD it can be trivially bypassed by disregarding DNS, and forcing everyone to use DNS is practically impossible and could break lots of other low-level things too.
Technically, a bad idea. Socially, a stupid one.
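The four failure modes listed in the comment above can be measured against a small constructed dataset. This is an added example, not part of the original comment; the `ptr_filter_blocks` filter, every host name (reserved `.example` names) and every address (RFC 5737 documentation ranges) are hypothetical.

```python
# Constructed sample data, not real DNS. BLOCKED is the filter's name list.
BLOCKED = {"hugeyams.example", "other-adult.example", "third-adult.example"}

# Forward (A) records: the ground truth of which sites live on which IPs.
A_RECORDS = {
    "hugeyams.example": ["192.0.2.10", "192.0.2.11"],  # reason 1: one name, many IPs
    "civil-liberties.example": ["192.0.2.10"],         # reason 2: shared host
    "other-adult.example": ["198.51.100.7"],           # reason 4: ISP owns the PTR
    "third-adult.example": ["203.0.113.5"],            # reason 3: no PTR at all
}

# Reverse (PTR) records: at most one name per IP, set by whoever runs the block.
PTR_RECORDS = {
    "192.0.2.10": "hugeyams.example",
    "192.0.2.11": "web2.hosting.example",
    "198.51.100.7": "39876fb-box55-eth1.sf.us.isp.example",
}

def ptr_filter_blocks(ip):
    """Hypothetical filter: deny an IP-literal URL if its PTR name is blocked."""
    return PTR_RECORDS.get(ip) in BLOCKED

def sites_on(ip):
    """All names whose A records point at this IP (virtual hosting)."""
    return sorted(name for name, ips in A_RECORDS.items() if ip in ips)

def evaluate():
    """Return (missed IPs serving blocked sites, unrelated sites blocked)."""
    missed, collateral = [], []
    all_ips = sorted({ip for ips in A_RECORDS.values() for ip in ips})
    for ip in all_ips:
        names = sites_on(ip)
        if ptr_filter_blocks(ip):
            # Everything on a blocked IP is denied, wanted or not.
            collateral += [(ip, n) for n in names if n not in BLOCKED]
        elif any(n in BLOCKED for n in names):
            # A blocked site is served here, but the PTR never says so.
            missed.append(ip)
    return missed, collateral

if __name__ == "__main__":
    missed, collateral = evaluate()
    print("blocked sites still reachable by IP:", missed)
    print("unrelated sites blocked:", collateral)
```
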