<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [nc-whois] accuracy: uk.com
Is this fact or fiction?
At 03:43 PM 11/11/2002 +0100, Thomas Roessler wrote:
>FYI, from ICANNwatch: http://www.icannwatch.org/article.php?sid=1016
>
>>NTKnow, which in prolonged bout of needless modesty persists in
>>billing itself as "*the* weekly high-tech sarcastic update for the
>>uk" (rather than, say, "one of the consistently finest (and
>>typo-free) publications on the net"), provides a succinct
>>explanation of an unfortunate automated interaction between antispam
>>forces, ICANN, and Verisign. The result: a lot of people and
>>resources operating under the uk.com domain were temporarily
>>"disappeared" for no very good reason.
>>
>> UK.COM, the slightly silly but popular para-TLD, disappeared briefly
>> from the Net this week. The reason, as ever in DNSland, was a
>> combination of overearnestness and mild incompetence that slowly
>> escalated until it hit Verisign, home of *fantastic* incompetence. It
>> started with spamcop and rfc-ignorant.org deciding they'd seen spam
>> from a *.uk.com domain - and therefore, uk.com were responsible. Their
>> bots checked the uk.com admin details - and, by a quirk, failed to
>> find a valid mailserver. So they reported uk.com as having invalid
>> whois details to a bot at ICANN. That bot turned and told Verisign. Of
>> course, Verisign as the last port of call, had the sense to check with
>> a huma - oh, what am I saying? Ten days after the first mistake,
>> without apparently contacting uk.com by phone, post or mail, Verisign
>> shut down the domain, killing thousands of other sites. Which
>> presents an interesting denial of service attack on a domain: it seems
>> if you can report to ICANN that a domain's details are wrong,
>> there's a good chance of it escalating until your victim has vanished
>> from the Net. Heck, just reporting a fake spam might do it. ICANN
>> and Verisign updated the DNS root hints file this week, for the
>> first time in five years. If only we could send them the occasional
>> hint back.
>>
>>The moral, which we all knew anyway: a system is only as secure (or
>>stable) as its weakest link.
>
>--
>Thomas Roessler <roessler@does-not-exist.org>
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|