Hey, SiteFinder is back, again...

Andrew Sullivan andrew at ca.afilias.info
Mon Nov 5 15:54:05 UTC 2007

On Sun, Nov 04, 2007 at 08:32:25AM -0500, Patrick W. Gilmore wrote:
> A single provider doing this is not equivalent to the root servers  
> doing it.  You can change providers, you can't change "." in DNS.

This is true, but Verisign wasn't doing it on root servers, IIRC, but
on the .com and .net TLD servers.  Not that that's any better.

The last time I heard a discussion of this topic, though, I heard
someone make the point that there's a big difference between
authority servers and recursing resolvers, which is the same sort of
point as above.  That is, if you do this in the authority servers for
_any_ domain (., .com, .info, or .my.example.org for that matter),
it's automatically evil, because of the meaning of "authority".  One
could argue that it is less evil to do this at recursive servers,
because people could choose not to use that service by installing
their own full resolvers or whatever.  I don't know that I accept the
argument, but let's be clear at least in the difference between doing
this on authority servers and recursing resolvers.


Andrew Sullivan                         204-4141 Yonge Street
Afilias Canada                        Toronto, Ontario Canada
<andrew at ca.afilias.info>                              M2P 2A8
                                        +1 416 646 3304 x4110

More information about the NANOG mailing list