Verisign Responds

Jack Bates jbates at brightok.net
Wed Sep 24 19:46:06 UTC 2003


Paul Vixie wrote:

> you are confused. and in any case this is off-topic. take it to namedroppers,
> but before you do, please read rfc's 1033, 1034, 1035, 2136, 2181, and 2317.

Can someone please tell me how a change to a critical component of the 
Internet which has the capacity to cause harm is not an operational issue?

A TLD issues a wildcard. Instead of discovering if records match the 
wildcard and returning NXDOMAIN (which is what everyone wanted), the 
software was designed to restrict records based on delegation.

Delegation was not broken. The changes made allow engineers to break it. 
I'd consider this an issue. Reports have already come in of all the 
various domains that people will mandate delegate-only for. For the 
record, .museum was listed several times despite the request in 
documentation to not force delegation, as were other zones.

In fact, many people were confused. They didn't understand what zone 
delegation was. For the record, I've read all the RFC's you posted. To 
many, it's an issue of wildcards. Yet BIND didn't solve the wildcard 
problem. It solved a delegation problem, which was not only "not broken" 
but has traditional use.

Which "countermeasures" being implemented did the IAB have an issue 
with? I wonder since their argument against the wildcards was the fact 
that it breaks traditional use. BIND now easily breaks traditional use.

-Jack
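
Added example, not part of the original post and not BIND's code: a simplified Python model of the distinction the message draws between filtering on delegation and filtering on a wildcard match. The zone names, addresses, the probe label and the probe-comparison heuristic are all constructed assumptions.

```python
# Simplified model; every name and address below is constructed sample data.

def tld_response(zone, qname):
    """Return (rdata, via_delegation) as a resolver would see it for qname."""
    if qname in zone["delegated"]:
        return zone["delegated"][qname], True   # TLD referred us to child NS
    if qname in zone["in_zone"]:
        return zone["in_zone"][qname], False    # data held in the TLD zone itself
    if zone["wildcard"]:
        return zone["wildcard"], False          # synthesized from *.<tld>
    return None, False                          # name does not exist

def delegation_only(zone, qname):
    """Delegation-based filter: anything that is not a delegation is NXDOMAIN."""
    rdata, via_delegation = tld_response(zone, qname)
    return rdata if via_delegation else None

def wildcard_match(zone, qname, probe="zz-constructed-probe"):
    """Hypothetical wildcard filter: NXDOMAIN only if the answer equals what
    a name that cannot exist receives (assumed heuristic, not BIND behaviour).
    Limitation: a real record sharing the wildcard's rdata is also dropped."""
    rdata, via_delegation = tld_response(zone, qname)
    if via_delegation or rdata is None:
        return rdata
    probe_rdata, _ = tld_response(zone, probe + "." + zone["name"])
    return None if rdata == probe_rdata else rdata

# Constructed TLD that added a wildcard on top of normal delegations.
WILD = {"name": "wild.test", "wildcard": "192.0.2.1", "in_zone": {},
        "delegated": {"shop.wild.test": "198.51.100.7"}}
# Constructed TLD with no wildcard that publishes records in the zone itself.
INZONE = {"name": "inzone.test", "wildcard": None, "delegated": {},
          "in_zone": {"index.inzone.test": "203.0.113.5"}}

def compare(zone, qname):
    """Both filters side by side; None means the resolver returns NXDOMAIN."""
    return delegation_only(zone, qname), wildcard_match(zone, qname)

if __name__ == "__main__":
    for zone, name in [(WILD, "typo.wild.test"), (WILD, "shop.wild.test"),
                       (INZONE, "index.inzone.test")]:
        print(name, compare(zone, name))
```

Both filters suppress the wildcard answer and pass the delegated name; only the delegation-based filter also turns the in-zone record into NXDOMAIN.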





