Dan, On Nov 26, 2009, at 10:25 AM, Dan White wrote:
On 26/11/09 07:37 -0800, David Conrad wrote:
There are folks on this list who work for ISPs which are doing wildcards/synthesis/etc. They (or, more likely their management) can tell you there are obvious business reasons why they do wildcards/synthesis/etc. Perhaps I'm overly cynical, but I suspect that until those business reasons go away, shining a flash light will probably just result in more ISPs implementing wildcards/synthesis/etc.
That's a disagreement we'll have to have. Anytime this issue has been brought up in a public setting (here, slashdot, etc.) has resulted in terrible press and even corrective action. In particular, Network Solutions' attempt to at this at the .com level was corrected.
Right. And since then, ICANN has contractually disallowed gTLD registries from doing SiteFinder like services (unless they can demonstrate such a service won't have a negative security/stability impact). However, as I said, ICANN has no control over what ccTLDs do and there are 12 doing wildcards/synthesis/NXDOMAIN redirection/etc. as I type this, namely: CG (Congo) -- Web redirects to the registry website to register a .CG domain. KR (South Korea) -- If it is a non IDNA-encoded IDN, converts to IDNA. For ASCII, generates a “fake” page-not-found error for web requests. NU (Niue) -- Web requests solicit you to register the domain. PH (Philippines) -- Web requests solicit you to register the domain. PW (Palau) -- File not found error. Uses an invalid SSL certificate. RW (Rwanda) -- Connection time out (wildcard site is down) ST (Sao Tome) -- Web requests solicit you to register the domain. Uses an invalid SSL certificate. TK (Tokelau) -- Connection refused (wildcard site is down) VG (Virgin Is., UK) -- Web requests solicit you to register the domain. VN (Viet Nam) -- Web requests solicit you to register the domain. WS (Samoa) -- Web requests solicit you to register the domain. CN (China) -- Uses synthesis for IDN labels. Returns NXDOMAIN for ASCII labels. However, that's different than what I thought we were talking about. I thought we were talking about ISPs doing wildcards/synthesis/NXDOMAIN redirection/etc. There are a number of ISPs that do this, some of which are quite well known (there is even an Internet Draft on the techniques, see http://tools.ietf.org/html/draft-livingood-dns-redirect-00). Pretty large flash light... Regards, -drc