On 20/11/2009, at 2:38 PM, Brett Fenton wrote: > Sigh. I'm not sure anybody looks to ICANN for technical brilliance. Only a couple of members of SSAC are ICANN employees, the rest are volunteers, and even then yes I do look to people like David Conrad (ICANN VP for clever stuff) for technical brilliance which he has in abundance. I also look to Steve Crocker, chair of SSAC and author of RFC 1 and Paul Vixie of ISC and so on. The full list is here: http://www.icann.org/en/committees/security/ > Their > 'problems caused' summary for example - poor user experience. That's > subjective, not a technical resolution, as are a few of the others. > > Regardless. The issue in the paper, is wildcarding in the root, which is what > Verisign did. It is about synthesis and redirection at a TLD level but then that is exactly what the Telstra redirection does. Are you suggesting they will redirect doesnotexist.example.com but not doesnotexist.com? > My very first post said this was bad. Very bad. > Unless you know something I don't Telstra aren't wildcarding in the root. They > are returning defined HTTP against failed lookups. I think you're confusing > what the issue is and what it isn't. No, see above. > > A better analogy might be for example how a browser handles a fail. IE > displaying Bing search results or Chrome displaying Google content. Er, no. This is DNS not the web. > > I'm sorry but I'm still not seeing this as anything other than a very minor > inconcenience to a very small subset of users (who have the ability to turn it > off anyway). If you are saying that solely because of the opt-in/opt-out issue then we can agree to differ, but if it your assessment of the impact then I still think you are missing the issue. Here's another good explanation of what is wrong with it: http://queue.acm.org/detail.cfm?id=1647302 kind regards JayReceived on Thu Nov 19 2009 - 17:55:24 UTC
This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:10 UTC