Kill Verisign Routes :: A Dynamic BGP solution

David Schwartz davids at webmaster.com
Fri Sep 19 02:02:06 UTC 2003



> > I think the whole idea of getting into an escalating technical war with
> > Verisign is extremely bad. Your suggestion only makes sense if you expect
> > Verisign to make changes to evade technical solutions. Each such change by
> > Verisign will cause more breakage. Verisign will either provide a way to
> > definitively, quickly, and easily tell that a domain is not registered or
> > Verisign will badly break COM and NET.

> Who said they're logical in their decision making process.  While they
> experiment with .com/.net, countermeasures are called for.  And they have
> badly broken .com/.net.

	It's precisely because they may not be logical that I don't think it's wise
to get into an escalation battle with them. Mutually assured destruction
works well when your adversary is logical and very badly when they're not.

> This is just an evolution of the blackhole solution, doing it dynamically.

	And if Verisign escalates, do you escalate again? Now you've indirectly
caused a second wave of breakage. And then what? You escalate again for a
third wave of breakage?

> Keeps us from having to find out they changed it/moved it/etc.  And, if
> *.com goes away, so does the route :).

	It would be a major escalation for Verisign to use technological means to
dupe people into again getting to SiteFinder despite their clear, explicit
configuration to the contrary. If you really think such an escalation is
inevitable, then the escalation will be sufficient to defeat whatever
mechanism is deployed at that time. So deploying more complex mechanisms
before that point is pointless.

	If you're hoping to push Verisign into an escalation to use that escalation
for a lawsuit or PR angle, a number of small escalations is better than one
big one. People are already employing means to avoid SiteFinder, so if they
think it's worth escalating to get around that, they already have to.

	In any event, Verisign's policy decisions will likely be driven primarily
by actions taken by Microsoft, AOL, and perhaps ICANN and the DOC. The plain
and simple truth is that if you want to use .COM and .NET, you have to trust
Verisign. Sad, but true.

	DS




