data request on Sitefinder

• Previous message (by thread): data request on Sitefinder
• Next message (by thread): Dos attack?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 20 Oct 2003 16:55:32 -0700 todd glassey <todd.glassey at worldnet.att.net> wrote:
> Do they (Verisign)  have any legal reason to??? - is there anything between
> them and ANY of their clients that requires them to inform them before any
> changes to protocol facilities are made - I think not.

i'd say that their client is the Department of Commerce.

when the wildcard is inserted in the .com and .net zones, it affects many third
parties who are not direct clients of Verisign, some of whom are users of .org
or other tlds that verisign doesn't handle, so they in fact have no contractual
relationship with Verisign or with a Versign client. 

what i had in mind, though, was that Verisign has apparently indicated that they
will give somewhere around 60 days (plus/minus) notice of any future changes
of this sort.

Steve is attempting to collect data which constitutes technical input about the
appropriateness of the interval.

what i am suggesting is that the sum total of people who courtesy dictates
ought to be notified is basically anyone who runs any sort of internet server.
i picked mail servers because Verisign themselves identified the postfix MTA
as an "issue".

after that, there's still the nagging issue of notification interval. many are thinking
in terms of their own, often large and busy ISP or backbone operation. there are
many, though, in the Enterprise or SMB spaces who are at risk of being left twisting
in the wind ("They're small and clueless, screw 'em").

cost is without question an operational issue. how fast an affected entity (ISP,
NSP, Enterprise, SMB) can adapt may be directly related to available manpower
or funding. i maintain that it is very difficult to separate the funding issue from the
time issue, given that Verisign apparently proposes to give the community 60
or 90 days notice of potentially significant changes to the infrastructure, affecting
unpredicatable numbers of entities in ways unknown, and impossible to cost out
in advance.

for all the flaws of the IETF, it is infinitely preferable to this scenario.

richard
-- 
Richard Welty                                         rwelty at averillpark.net
Averill Park Networking                                         518-573-7592
    Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security

• Previous message (by thread): data request on Sitefinder
• Next message (by thread): Dos attack?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]