CircleID

As a domain holder myself (of vix.com), I would not have chosen ".com" for my parent domain name back in 1988 had there been a wildcard domain name [that activates Site Finder service] under ".com". The risk of someone attempting to reach me but ending up talking to someone else instead would have been seen as "too great". I am now searching for a new parent domain whose publisher will guarantee me, in perpetuity, that there will be no wildcard name as there now is in "com".

As an implementer (president of ISC, which publishes bind), I have heard from quite a few members of our user base (both open source users and packaged binary derivative product distributors) that they are concerned about the lack of reliable "name does not exist" indication from the "com" and "net" name servers. Reported impacts include lost e-mail, inability to filter spam coming from forged domains, and concern that the IANA's reservations for single-letter domain names are no longer being honored.

To that end, ISC will publish a patch for bind, which allows our users to configure their nameservers to filter out VeriSign's synthetic responses. While we recognize the autonomy of zone publishers to publish whatever data they see fit, we also recognize the autonomy of DNS data consumers to filter out any content they deem objectionable. Naturally, our patch will not alter the default behavior of bind. Only users who explicitly and knowingly wish to enable the new "filtering" feature will be affected.

By Paul Vixie, Chairman and Chief Scientist, Internet Systems Consortium. Visit the blog maintained by Paul Vixie here.

Related topics: DNS, Domain Names, Spam