lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1063907667.3306.39.camel@tantor.nuclearelephant.com>
From: jonathan at nuclearelephant.com (Jonathan A. Zdziarski)
Subject: Petition against VeriSlime's DNS abuse

> The financial backing is non-trivial. You're going to need some pretty
> serious big iron, and some pretty bad-ass bandwidth.


Non-profit doesn't necessarily mean doesn't make any money.  The
registries are already paying to register domains in the first place. 
I'm not opposed to some trivial per-domain fee to pay for the whole
project.  Aside from self-funding though, think of how many registries
are willing to kick serious money into a project that would remove
Verisign as a monopoly over the space.  You can bet on BuyDomains.com
and BulkRegister.com would get materially involved.


> Oh.. and you'll need trusted and experienced people, and be willing to pay them.


I didn't say it was something that could be done overnight =) If the
community wanted to do this, you'd need to get people together and put
together a business plan just like you would if you were starting a
business - it's not just a big project, it's a HUGE project, and one
that requires the utmost critical planning.  I don't think there'll be
any shortage of trusted and experienced people though =).  


> Don't like how a TLD is run? Talk to ICANN and the administrator of that TLD.


If it's as simple as establishing a set of rules to govern all of the
registries (or risk getting your TLD dropped - obviously an extremely
serious consequence) I'm all for it as opposed to reorganizing. 
Remember though, ICANN are the ones who approved a Waiting List service
for Verisign.  It seems to me that they wouldn't be interested in
enforcing some of these more serious issues.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030918/cdfb9910/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ