[62845] in North American Network Operators' Group
Re: Verisign Responds
daemon@ATHENA.MIT.EDU (bmanning@karoshi.com)
Tue Sep 23 14:50:00 2003
From: bmanning@karoshi.com
To: goemon@anime.net (Dan Hollis)
Date: Tue, 23 Sep 2003 11:47:25 -0700 (PDT)
Cc: bmanning@karoshi.com, dbs@dbscom.com (Dave Stewart),
nanog@merit.edu
In-Reply-To: <Pine.LNX.4.44.0309231125440.365-100000@sasami.anime.net> from "Dan Hollis" at Sep 23, 2003 11:28:40 AM
Errors-To: owner-nanog-outgoing@merit.edu
>
>
> On Tue, 23 Sep 2003 bmanning@karoshi.com wrote:
> > > On Tue, 23 Sep 2003 bmanning@karoshi.com wrote:
> > > > > On Mon, 22 Sep 2003, Dave Stewart wrote:
> > > > > > Courts are likely to support the position that Verisign has control of .net
> > > > > > and .com and can do pretty much anything they want with it.
> > > > > ISC has made root-delegation-only the default behaviour in the new bind,
> > > > > how about drafting up an RFC making it an absolute default requirement for
> > > > > all DNS?
> > > > That would be making a fundamental change to the DNS
> > > > to make wildcards illegal anywhere. Is that what you
> > > > want?
> > > no it wouldnt. it would ust make wildcards illegal in top level domains,
> > > not subdomains.
> > really? and how would that work? (read be enforced...)
>
> Well yes thats part of the problem. It looks like verisign doesnt care
> what anyone (ICANN, IAB, operators) thinks. But if we can mandate via RFC
> it for dns software (servers, resolvers) etc. Then we go a ways to
> removing verisign from the equation. Verisign can do what they like,
> everyone will just ignore their hijacking.
>
lets try this again... why should a valid DNS protocol element
be made illegal in some parts of the tree and not others?
if its bad one place, why is it ok other places?
--bill
