<<<
Chronological Index
>>> <<<
Thread Index
>>>
[nc-whois] accuracy: uk.com
FYI, from ICANNwatch: http://www.icannwatch.org/article.php?sid=1016
>NTKnow, which in prolonged bout of needless modesty persists in
>billing itself as "*the* weekly high-tech sarcastic update for the
>uk" (rather than, say, "one of the consistently finest (and
>typo-free) publications on the net"), provides a succinct
>explanation of an unfortunate automated interaction between antispam
>forces, ICANN, and Verisign. The result: a lot of people and
>resources operating under the uk.com domain were temporarily
>"disappeared" for no very good reason.
>
> UK.COM, the slightly silly but popular para-TLD, disappeared
> briefly from the Net this week. The reason, as ever in DNSland,
> was a combination of overearnestness and mild incompetence that
> slowly escalated until it hit Verisign, home of *fantastic*
> incompetence. It started with spamcop and rfc-ignorant.org
> deciding they'd seen spam from a *.uk.com domain - and therefore,
> uk.com were responsible. Their bots checked the uk.com admin
> details - and, by a quirk, failed to find a valid mailserver. So
> they reported uk.com as having invalid whois details to a bot at
> ICANN. That bot turned and told Verisign. Of course, Verisign as
> the last port of call, had the sense to check with a huma - oh,
> what am I saying? Ten days after the first mistake, without
> apparently contacting uk.com by phone, post or mail, Verisign shut
> down the domain, killing thousands of other sites. Which presents
> an interesting denial of service attack on a domain: it seems if
> you can report to ICANN that a domain's details are wrong, there's
> a good chance of it escalating until your victim has vanished from
> the Net. Heck, just reporting a fake spam might do it. ICANN and
> Verisign updated the DNS root hints file this week, for the first
> time in five years. If only we could send them the occasional hint
> back.
>
>The moral, which we all knew anyway: a system is only as secure (or
>stable) as its weakest link.
--
Thomas Roessler <roessler@does-not-exist.org>
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|