VeriSign creates man-in-the-middle attack on DNS

Neil Johnson njohnsn at njohnsn.com
Mon Sep 15 20:00:47 PDT 2003


Official notice from VeriSign.

Today VeriSign is adding a wildcard A record to the .com and .net
zones.  The wildcard record in the .net zone was activated from
10:45AM EDT to 13:30PM EDT.  The wildcard record in the .com zone is
being added now.  We have prepared a white paper describing VeriSign's
wildcard implementation, which is available here:

http://www.verisign.com/resources/gd/sitefinder/implementation.pdf 

By way of background, over the course of last year, VeriSign has been
engaged in various aspects of web navigation work and study.  These
activities were prompted by analysis of the IAB's recommendations
regarding IDN navigation and discussions within the Council of
European National Top-Level Domain Registries (CENTR) prompted by DNS
wildcard testing in the .biz and .us top-level domains.  Understanding
that some registries have already implemented wildcards and that
others may in the future, we believe that it would be helpful to have
a set of guidelines for registries and would like to make them
publicly available for that purpose.  Accordingly, we drafted a white
paper describing guidelines for the use of DNS wildcards in top-level
domain zones.  This document, which may be of interest to the NANOG
community, is available here:

http://www.verisign.com/resources/gd/sitefinder/bestpractices.pdf

Matt
--
Matt Larson <mlarson at verisign.com>
VeriSign Naming and Directory Services

-- 
Neil Johnson
http://www.njohnsn.com
PGP key available on request.





More information about the cypherpunks-legacy mailing list