I don't think anyone holds Matt personally responsible for what has happened so please remember that when responding. Verisign has broken everything and unlike the success of their grandfathered monopoly on registrations this might spell the end of their reign over these zones. This has broken the net, an intense attack on the domain name system would probably have had less impact than the havoc Verisign has caused with their point everything to Verisign hack. I'd think this was very irresponsible behaviour, and conjures up shades of past ghosts (does anyone remember CORE?) if I were an oversight authority I'd be very incredibly pissed off right about now. (stupid question) Doesn't the IAB have any authority left? It's interesting that now ICANN -- perhaps for the first time ever -- might be in the position to do something positive and prove it's not all about backroom politics. It's also ironic that someone would have had to spend years in prison for doing what they've done with or without notice or malicious intent. When people are running around hacking new code into BIND, several MTAs, and bog knows what else you can't say you didn't break anything. Throwing up piles of servers and network equipment to be able to respond to garbage IP traffic because you're aiming the world at your network isn't particularly intelligent either but what do I know about it? Len
On Sat Sep 20, 2003 at 03:28:59PM -0400, Len Rose wrote:
Verisign has broken everything and unlike the success of their grandfathered monopoly on registrations this might spell the end of their reign over these zones.
This has broken the net, an intense attack on the domain name system would probably have had less impact than the havoc Verisign has caused with their point everything to Verisign hack.
Sorry, the Internet is broken, because of this? I can still access the websites I could access before. I can still send and receive email. I can still FTP files from FTP servers. To "users" of the Internet, nothing is broken. Okay, to Internet "Experts", things are broken - their domain checking scripts no longer return "domain available" (why not just check whois.internic.net?). Some spam filtering has stopped working (I've not noticed any increase in the spam in my inbox). Maybe some other tools are misbehaving, but in general, all user-level stuff is just working as before. Not that I condone what Verisign have done - it's an abuse of monopoly as far as I'm concerned - but I do belive there is a lot of emotion involved in this. Simon -- Simon Lockhart | Tel: +44 (0)1628 407720 (x37720) | Si fractum Technology Manager | Fax: +44 (0)1628 407701 (x37701) | non sit, noli BBC Internet Operations | Email: Simon.Lockhart@bbc.co.uk | id reficere BBC Technology, Maiden House, Vanwall Road, Maidenhead. SL6 4UB. UK
I have lots of dns-related activity on both systems and within applicaitons that are broken now because I am no longer able to differentiate between a bad domain name and a working domain. It's not at all minor. You underestimate what this has done, I think. A major change in key functionality of the domain name system (at least for GTLD .COM and .NET) has taken place. I know at least one voice/ip company that has been forced to re-write portions of their phone application because this suddenly broke how the domain name systsem had been functioning. To say it's all about running whois queries reveals the depth at which you must make use of the domain name system. I'm sure those who maintains your name servers for you, and those who maintain your network and systems for you probably would answer differently. Thanks. Len (I won't respond publicly to this thread again I promise) Simon Lockhart wrote: [..]
Sorry, the Internet is broken, because of this? I can still access the websites I could access before. I can still send and receive email. I can still FTP files from FTP servers. To "users" of the Internet, nothing is broken.
Okay, to Internet "Experts", things are broken - their domain checking scripts no longer return "domain available" (why not just check whois.internic.net?). Some spam filtering has stopped working (I've not noticed any increase in the spam in my inbox). Maybe some other tools are misbehaving, but in general, all user-level stuff is just working as before.
Not that I condone what Verisign have done - it's an abuse of monopoly as far as I'm concerned - but I do belive there is a lot of emotion involved in this.
Simon
[..]
At 8:37 PM +0100 9/20/03, Simon Lockhart wrote:
Okay, to Internet "Experts", things are broken - their domain checking scripts no longer return "domain available" (why not just check whois.internic.net?).
To quote Verisign, although this is true of all other whois providers:
TERMS OF USE: You are not authorized to access or query our Whois database through the use of electronic processes that are high-volume and automated except as reasonably necessary to register domain names or modify existing registrations; the Data in VeriSign Global Registry
Never mind that there isn't a standard format for the returned information between providers. The whois database is not a replacement for a DNS query. -- Kee Hinckley http://www.messagefire.com/ Next Generation Spam Defense http://commons.somewhere.com/buzz/ Writings on Technology and Society I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
KH> Date: Sat, 20 Sep 2003 17:03:04 -0400 KH> From: Kee Hinckley KH> The whois database is not a replacement for a DNS query. Especially considering how Verisign whois info often lags waaay behind what is correct. Outdated NS info, anyone? Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita _________________________________________________________________ DO NOT send mail to the following addresses : blacklist@brics.com -or- alfra@intc.net -or- curbjmp@intc.net Sending mail to spambait addresses is a great way to get blocked.
On Sun, 21 Sep 2003, Petri Helenius wrote:
The whois database is not a replacement for a DNS query.
I´m sure Verisign will come up with a XML Schema for whois information soon.
Sooner then you think! Yesterday, the results of IETF CRISP WG "call for consensus" was announced and the result is in fact IRIS - XML based whois protocol. Introduced by - you guessed it - Verisign! More info on this and draft protocol specs are at http://www.ietf.org/html.charters/crisp-charter.html P.S. Note that I'm not saying anything bad about actual protocol specs creator - Andrew Newton (from Verisign), who did a great job with IRIS drafts. Both he and Eric Hall worked very hard on the draft specifications for competing IRIS (xml based) and FIRS (ldap based) whois protocol specs. I did vote for FIRS myself, but it had nothing to do with who works for which company and its a hard choice since both specifications are good for future whois. -- William Leibzon Elan Networks william@elan.net
participants (6)
-
E.B. Dreger
-
Kee Hinckley
-
Len Rose
-
Petri Helenius
-
Simon Lockhart
-
william@elan.net