[54483] in North American Network Operators' Group
Re: COM/NET informational message
daemon@ATHENA.MIT.EDU (just me)
Fri Jan 3 15:26:37 2003
Date: Fri, 3 Jan 2003 12:26:05 -0800 (PST)
From: just me <matt@snark.net>
To: "Verd, Brad" <bverd@verisign.com>
Cc: "'nanog@merit.edu'" <nanog@merit.edu>
In-Reply-To: <3CD14E451751BD42BA48AAA50B07BAD6037BCFE3@vsvapostal3.prod.netsol.com>
Errors-To: owner-nanog-outgoing@merit.edu
Am I the only one that finds this perversion of the DNS protocol
abhorrent and scary? This is straight up hijacking.
On Fri, 3 Jan 2003, Verd, Brad wrote:
To improve this user experience and to encourage the adoption of an
application that supports IDNA, VGRS is announcing a measure intended
to stimulate widespread distribution of the i-Nav plug-in. Starting
on January 3, 2003, some queries to the com/net name servers that
previously failed with a DNS Name Error (NXDOMAIN) response will
instead return an address (A) record. Any queries for A records with
at least one octet greater than decimal 127 in the second-level label
will trigger this A record response. For example, a query for the A
record for "foo?.com", where "?" represents an octet with a value
greater than 127, would return an A record rather than NXDOMAIN
response. The goal is to match unrecognized domain names generated by
browsers attempting to resolve IDNs. Since browsers construct DNS
queries for such IDNs using UTF-8 or a local encoding, and since
these encodings use octets with all possible values (i.e., from 0
through 255), the presence of octets with values greater than 127 as
described above can indicate a web browser's failed IDN resolution
attempt.
--mghali@snark.net------------------------------------------<darwin><
Flowers on the razor wire/I know you're here/We are few/And far
between/I was thinking about her skin/Love is a many splintered
thing/Don't be afraid now/Just walk on in. #include <disclaim.h>
