lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <24694.1064519152@gromit.rfc1035.com>
Date: Thu, 25 Sep 2003 20:45:52 +0100
From: Jim Reid <jim@...1035.com>
To: "Jeffrey Gorton" <jpgorton@...ell.net>
Cc: BUGTRAQ@...urityfocus.com, secsac-comment@...nn.org
Subject: Re: Verisign's Sitefinder and use of the namespace


>>>>> "Jeffrey" == Jeffrey Gorton <jpgorton@...ell.net> writes:

    Jeffrey> In the U.S., the radio spectrum is considered a public
    Jeffrey> resource owned by the people.  The government administers
    Jeffrey> and regulates the use of the radio spectrum in the public
    Jeffrey> interest.  I am wondering if the Internet namespace
    Jeffrey> cannot be considered in the same vein.  

Although this is a nice idea, don't go there. You will get into
serious international politics on sovereignty if you do. The US
regulates the radio spectrum within US territory. It doesn't do that
for the spectrum in (say) China. An argument that "the Internet
namespace is a public resource that should be regulated by
governments" is very dangerous. [Both nationally and internationally.]
One consequence of that would be regulation would ultimately have to
be in the control of an international treaty organisation. Like the
ITU or WIPO. That's because no government will accept an international
resource being under the direct control of another government. There
would be an uproar if the US government (say) unilaterally took on
regulating the gTLDs.

The real answer to the current Verisign evil is for ICANN to make them
remove the wildcard RRs. Verisign have crossed a line by adding these.
They should never have been added to the TLDs, not even after the long
period of prior open consultation that should have happened but didn't.
It's now time for ICANN to make a stand. This issue goes to the very
core of ICANN's existence...


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ