[62852] in North American Network Operators' Group
Re: Verisign Responds
daemon@ATHENA.MIT.EDU (Eliot Lear)
Tue Sep 23 15:27:54 2003
Date: Tue, 23 Sep 2003 12:18:07 -0700
From: Eliot Lear <lear@cisco.com>
To: Randy Bush <randy@psg.com>
Cc: Dan Hollis <goemon@anime.net>, nanog@merit.edu
In-Reply-To: <E1A1s7E-0006NY-2Z@roam.psg.com>
Errors-To: owner-nanog-outgoing@merit.edu

Randy Bush wrote:
>>it would just make wildcards illegal in top level domains,
>>not subdomains.
>
>
> there are tlds with top level wildcards that are needed and
> in legitimate use.
>
> verisign has not done anything strictly against spec. this
> is a social and business issue.

And this in itself indicates a possible failure in our model. When
someone can do something that causes so much outrage, and we the
community have no recourse, something is wrong. Maybe we're in the
realm of politics, but our implementations reflect our values.

Do you feel the same today about the GPG/PGP v. X.509 as you did before
Verisign decided to become an unauthorized interloper? Might we have a
standards problem with SSL, because people cannot simply NOT trust
Verisign certs? After all, how many certificates can you get out of SSL
for a server or a client?

>
> all this noise and bluster is depressing. it indicates that
> we are in a very quickly maturing industry because a lot of
> probably-soon-to-be-ex engineers have too much time on their
> hands.

I take a different view. If people who are upset with Verisign's change
DON'T say anything, then there's no reason for Verisign to change. I
suspect that the better forum may be one's Congress person...

Eliot