| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: jonathan at nuclearelephant.com (Jonathan A. Zdziarski) Subject: Verisign "responds" > shouldn't that be "we're clueless morons who don't care about the expense we > cause other businesses to absorb, we're only interested in our own > wallets." Having read ICANN and IAB's review of Verisign's sitefinder service, the statement you are referring to: 6 Conclusion > A wildcard entry in a zone affects DNS responses for that zone. For existing > applications that do not contemplate the effects of wildcard entries, > application developers should consider taking appropriate corrective > actions. > ---------- Should say: A wildcard entry in a zone affects DNS responses for that zone. For existing applications that conform to the Internet standards as the world knows them, application developers should consider taking a more "Microsoft" approach and let us redefine the standard, thus making it your own fault for not anticipating the unplanned and poorly thought out actions of Verisign. Put bluntly: Verisign broke several of the standards we rely on (including both written and unwritten standards) and have no business blaming application developers for not doing the same. In summary: Verisign: Australian for Dumbass
Powered by blists - more mailing lists