Keith Davidson wrote:
Juha wrote:
2-daaayyoh, 2-day-ay-ay-oh. Internet sucks and me wanna go home.
Anyway, things seem to be working again.
So who's going to roast point the Giant Flamethrower at Marina Del Rey? Perhaps this is a job for Captain InternetNZ?
I guess it could be a job for InternetNZ. But it occurs to me that Veri$ign are doing nothing "wrong", it's just not within the spirit of Internet practices? [snip]
Maybe not "wrong" exactly but... RFC 1912 (Informational) Wildcard As and CNAMEs are possible too, and are really confusing to users, and a potential nightmare if used without thinking first. It could result (due again to domain searching) in any telnet/ftp attempts from within the domain to unknown hosts to be directed to one address. One such wildcard CNAME (in *.edu.com) caused Internet-wide loss of services and potential security nightmares due to unexpected interactions with domain searching. It resulted in swift fixes, and even an RFC ([RFC 1535]) documenting the problem. RFC 1535 makes interesting reading. -- Andrew Stephen DDI: +64 4 460 6849 IT Security Architect Mobile: +64 25 582 304 New Zealand Post Fax: +64 4 494 4299 "...shouldn't a DMZ actually be called a Free Fire Zone?" -- Chris Mahn, Three Tiered DMZ's, May 2001 This email with any attachments is confidential and may be subject to legal privilege. If it is not intended for you please reply immediately, destroy it and do not copy, disclose or use it in any way.