This is just another example of a virtual monopoly doing whatever them damn well please because .... THEY CAN. Sorry to sound like a broken record, but we in the Inclusive Namespace have been saying this all along. How about a world with 1000's of TLDs all operated by different people with NO restrictions imposed by a monopoly-supporting politburo (ICANN). How about a root network operated under rules designed ONLY to support the technical stability of the network and not under rules that masquerade as such but are really designed to prop up a monopoly of four organizations so that they can corner the market and shut out all others. Imagine such a world. Some people are doing just that. Some people with a LOT of money to spend on such a project. Stay tuned. In a free market namespace (which the ICANN/USG IS *NOT*), with no un-neccessary barriers to entry, competition would weed out the players that did anti-social, predatory things like VRSGN is doing. Either a business changes its practices to be in tune with its customer base or it vanishes. FYI: ADNS had wildcard records in the DNS for the .USA, .EARTH, .Z, .LION and .AMERICA TLDs. They simply pointed to a page that said "This domain has not been registered yet". Those records were removed today because of the controversy surrounding wildcard records at the TLD level. I see a valid use for such records but there is also potential for abuse and perception is sometimes as important as reality. In the Inclusive Namespace, competition is a reality because there are no artificial barriers to entry in the marketplace and players had better listen to the consumer's opinions or else they will not survive. Thats as it should be. So, why isn't the #1 (in terms of traffic) root server network operated that way? ----- Original Message ----- From: "Richard Cox" <Richard@mandarin.com> To: <nanog@merit.edu> Sent: Tuesday, September 16, 2003 10:18 Subject: Re: Verisign insanity - Distributed non-attack
On Tue, 16 Sep 2003 17:02:59 +0200 "RoDent" <rodent@mighty.co.za> wrote:
| Effectively this would amount to "denial of service" attack, but since | there is nothing illegal about making an http request to an invalid | hostname, Verisign will be bringing the denial of service attack upon | themselves, and unfortunately dragging ISP's with them. Why ISP's | haven't publically taken a stance against this yet is fascinating.
While I completely share your concern about Verisign's behaviour, I have a higher level concern about anything seeking to disrupt services on the 'net. For some weeks now, several of the abuse-prevention organisations have been subjected to Distributed Denial-of-Service attacks; the attack on SORBS is still continuing, and very few of the networks carrying this DDoS traffic have lifted a finger to either limit or trace the attacking traffic. Which, I have to say, is *most* disappointing.
-- Richard Cox