Owen DeLong wrote:
They claim to be representing the "USER" community and to know better than we what they end users want. They think we're just a bunch of geek engineers that are unwilling to embrace new ideas. Most of all, they think they can make money this way, and, they don't really care about anything else. They're just trying to manipulate things so that the backlash doesn't cause them too much difficulty as they inflict this on the internet.
I wonder how eager they would be to implement wildcards if restricted from making any revenue from the service the wildcard points to (ie. sitefinder). While I agree that handling of NXDOMAIN needs to improve, such handling must be done by the application. Popular browsers have already started doing this. While it is possible for the servers pointed to by a wildcard to handle individual services, it is impossible for said servers to handle all services currently in use and likely to be implemented. If the servers discard packets, then they will place applications in a wait timeout with no explanation as to why. If they rejected connections, then applications will operate as if the remote service were down and not that the remote server itself was unresolvable. There are, of course, minor irritations with a wildcard concerning email. There are also privacy concerns, especially if the servers the wildcard points to handle the smtp connection. It was previously stated that the servers did not log the smtp connection information, but there were no protections given to say that this wouldn't change. I find it sad that Verisign believes they can actually dictate what my customers see better than I can. Worst of all, Versign has to realize that the bind patches WILL be used if wildcarding is reimplemented by them and the resulting issues from use of the patch will a direct result of Verisign's actions. -Jack