I guess we don't really need to discuss the political ramifications, because I don't really care about VS. Our internal policy is to kill the route to the host. I'm offering up a tool to implement a technical solution to killing the route. Nothing more, nothing less. It only affects our internal network, so we don't really have a global impact, unlike some folks in Virgina. If people want it, its here. If not, they're free to delete this. Key is, they have choice. Eric
-----Original Message----- From: David Schwartz [mailto:davids@webmaster.com] Sent: Friday, September 19, 2003 4:04 AM To: J.A. Terranson Cc: ekgermann@cctec.com Subject: RE: Kill Verisign Routes :: A Dynamic BGP solution
On Thu, 18 Sep 2003, David Schwartz wrote:
I think the whole idea of getting into an escalating technical war with Verisign is extremely bad. Your suggestion only makes sense if you expect Verisign to make changes to evade technical solutions. Each such change by Verisign will cause more breakage. Verisign will either provide a way to definitively, quickly, and easily tell that a domain is not registered or Verisign will badly break COM and NET.
DS
With all due respect, this line of logic is the same one used in the US to prevent people from defending themselves from other types of crime, and it's totally bogus.
Really? I've never seen anyone attempt such an argument, but it would be rather amusing to see. Which part would you use?
Would you argue that criminals aren't likely to take steps that obviously are attempts to reduce the effectiveness of guns? And if they do, they will have to deal with the likely PR and government pressure that would result.
The whole point here is that it's not clear to everyone that Verisign is analogous to the criminal. The point is to make it clear that they are and that won't happen if you look very much like them.
We have been, in a literal sense, attacked by Verislime, any and all defenses are appropriate.
No. The defenses have to be reasonable and have to avoid collateral damage to innocent parties. If not, Verisign will have a reasonable argument that we are the bad guys. They caused some breakage? So what, so did we. They distorted the true data that should have been in the zone? So what, so did we.
You are welcome to see this as an attack, but the response should not be out of proportion. If a measured response leads to an escalation, then you can consider "any and all defenses".
DS