ICANN opens up Pandora's Box of new TLDs

• Previous message (by thread): ICANN opens up Pandora's Box of new TLDs
• Next message (by thread): ICANN opens up Pandora's Box of new TLDs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jun 27, 2008 at 01:32:05PM -0700,
 Roger Marquis <marquis at roble.com> wrote 
 a message of 22 lines which said:

> Security-aware programmers will now be unable to apply even cursory
> tests for domain name validity.

I am very curious of what tests a "security-aware programmer" can do,
based on the domain name, which will not be possible tomorrow, should
ICANN allow a few more TLDs.

If you test that the TLD exists... it will still work.

If you test that the name matches (com|net|org|[a-z]{2}), then you are
not what I would call a "security-aware programmer". 

> requiring valid domain contacts.

ICANN does require valid contacts. And it requires them to be
published and sold. So, people lie to protect their privacy. In the
world of security, stupid ideas often backfire.

> I have to conclude that ICANN has failed, simply failed, and should be
> returned to the US government.

It never leaved it.

• Previous message (by thread): ICANN opens up Pandora's Box of new TLDs
• Next message (by thread): ICANN opens up Pandora's Box of new TLDs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]