[64147] in North American Network Operators' Group


Re: Site Finder

daemon@ATHENA.MIT.EDU (Jack Bates)
Thu Oct 16 14:32:10 2003

Date: Thu, 16 Oct 2003 13:26:47 -0500
From: Jack Bates <jbates@brightok.net>
To: Owen DeLong <owen@delong.com>
Cc: Dan Lockwood <dlockwood@shastalink.k12.ca.us>,
	Ray Bellis <rpb@community.net.uk>, nanog list <nanog@merit.edu>
In-Reply-To: <2147483647.1066297136@imac-en0.delong.sj.ca.us>
Errors-To: owner-nanog-outgoing@merit.edu


Owen DeLong wrote:

> They claim to be representing the "USER" community and to know better
> than we what the end users want.  They think we're just a bunch of
> geek engineers that are unwilling to embrace new ideas.  Most of all,
> they think they can make money this way, and, they don't really care
> about anything else. They're just trying to manipulate things so that
> the backlash doesn't cause them too much difficulty as they inflict
> this on the internet.
> 

I wonder how eager they would be to implement wildcards if restricted 
from making any revenue from the service the wildcard points to (i.e. 
sitefinder).

While I agree that handling of NXDOMAIN needs to improve, such handling 
must be done by the application. Popular browsers have already started 
doing this. While it is possible for the servers pointed to by a 
wildcard to handle individual services, it is impossible for said 
servers to handle all services currently in use and likely to be 
implemented. If the servers discard packets, then they will place 
applications in a wait timeout with no explanation as to why. If they 
reject connections, then applications will operate as if the remote 
service were down and not that the remote server itself was unresolvable.

There are, of course, minor irritations with a wildcard concerning 
email. There are also privacy concerns, especially if the servers the 
wildcard points to handle the smtp connection. It was previously stated 
that the servers did not log the smtp connection information, but there 
were no protections given to say that this wouldn't change.

I find it sad that Verisign believes they can actually dictate what my 
customers see better than I can. Worst of all, Verisign has to realize 
that the bind patches WILL be used if wildcarding is reimplemented by 
them and the resulting issues from use of the patch will be a direct result 
of Verisign's actions.


-Jack
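
The difference between an unresolvable name and a rejected connection, as the message describes it, shown as an added example that is not part of the original post. The resolver functions, host names and loopback address are constructed stand-ins (assumptions) for a zone without and with a wildcard.

```python
import socket

# Constructed sample data: names and address are illustrative only.
WILDCARD_TARGET = "127.0.0.1"   # stands in for the server a wildcard points to
REGISTERED = {"mail.example.com": "127.0.0.1"}


def resolve_plain(name):
    """Zone without a wildcard: an unknown name yields NXDOMAIN."""
    if name not in REGISTERED:
        raise socket.gaierror(socket.EAI_NONAME, "NXDOMAIN")
    return REGISTERED[name]


def resolve_wildcard(name):
    """Zone with a wildcard: every unknown name still gets an address."""
    return REGISTERED.get(name, WILDCARD_TARGET)


def closed_port():
    """Return a local TCP port with no listener, so connections are rejected."""
    s = socket.socket()
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port


def diagnose(name, port, resolver, timeout=2.0):
    """Report what an application can tell its user about a failed connection."""
    try:
        addr = resolver(name)
    except socket.gaierror:
        return "name does not exist"       # only reachable when NXDOMAIN survives
    try:
        socket.create_connection((addr, port), timeout=timeout).close()
    except ConnectionRefusedError:
        return "service down"              # wildcard target rejected the connection
    except socket.timeout:
        return "timed out, cause unknown"  # wildcard target discarded the packets
    return "connected"


if __name__ == "__main__":
    port = closed_port()
    typo = "mial.example.com"              # constructed mistyped host name
    print("no wildcard:", diagnose(typo, port, resolve_plain))
    print("wildcard:   ", diagnose(typo, port, resolve_wildcard))
```

With the wildcard in place the application never sees the resolution failure, so the mistyped name is reported as an outage of a service that does not exist.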

