ICANN opens up Pandora's Box of new TLDs

Stephane Bortzmeyer bortzmeyer at nic.fr
Sun Jun 29 19:57:09 UTC 2008

On Fri, Jun 27, 2008 at 01:32:05PM -0700,
 Roger Marquis <marquis at roble.com> wrote 
 a message of 22 lines which said:

> Security-aware programmers will now be unable to apply even cursory
> tests for domain name validity.

I am very curious about what tests a "security-aware programmer" can do,
based on the domain name, which will not be possible tomorrow, should
ICANN allow a few more TLDs.

If you test that the TLD exists... it will still work.

If you test that the name matches (com|net|org|[a-z]{2}), then you are
not what I would call a "security-aware programmer". 

> requiring valid domain contacts.

ICANN does require valid contacts. And it requires them to be
published and sold. So, people lie to protect their privacy. In the
world of security, stupid ideas often backfire.

> I have to conclude that ICANN has failed, simply failed, and should be
> returned to the US government.

It never left it.

More information about the NANOG mailing list
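
The two tests contrasted in the message above, as an added example that is not part of the original post: a check against the hard-coded pattern `(com|net|org|[a-z]{2})` beside a check that the TLD exists in a list of delegated TLDs. The list is a constructed sample laid out like IANA's `tlds-alpha-by-domain.txt` (a comment line, then one upper-case TLD per line), and all function names are hypothetical.

```python
import re

# The hard-coded pattern quoted in the message, anchored to the whole TLD.
HARDCODED = re.compile(r"^(com|net|org|[a-z]{2})$")

# Constructed sample in the layout of IANA's tlds-alpha-by-domain.txt.
# Not a real snapshot of the root zone.
SAMPLE_TLD_LIST = """\
# Constructed sample, not an actual IANA file
COM
NET
ORG
INFO
MUSEUM
FR
US
"""

def parse_tld_list(text):
    """Return the set of lower-cased TLDs, skipping comments and blanks."""
    tlds = set()
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            tlds.add(line.lower())
    return tlds

def tld_of(name):
    """Return the last label of a domain name, or None if malformed."""
    labels = name.rstrip(".").lower().split(".")
    if len(labels) < 2 or any(not label for label in labels):
        return None
    return labels[-1]

def valid_by_regex(name):
    """The brittle test: breaks on any TLD outside the pattern."""
    tld = tld_of(name)
    return tld is not None and HARDCODED.match(tld) is not None

def valid_by_list(name, tlds):
    """The test that keeps working: the TLD must be in the current list."""
    tld = tld_of(name)
    return tld is not None and tld in tlds

def compare(names, tlds):
    """Map each name to (regex verdict, list verdict)."""
    return {n: (valid_by_regex(n), valid_by_list(n, tlds)) for n in names}
```

The pattern is wrong in both directions: it rejects names under longer TLDs and accepts any two-letter suffix, delegated or not. The list-based check needs only a refreshed list when TLDs are added.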