Verisign have modified their root servers so that queries to nonexistent domains no longer return "domain does not exist", but instead return an A record pointing at one of Verisign's servers. In English, this means that if you type in "www.verisignsuckdonkeyballs.com" into a browser, you will no longer get a 'no page' message - but you will hit Verisign's half-baked search engine.
Why does this affect me - or more importantly, why does it make me hopping mad? Ignoring the corporate greed aspect (typosquatting is illegal for some companies...), this breaks things on a fundamental technical level. Spam filters that check for the existence of sender domains are now all broken - because all .com and .net addresses will appear to exist. Worse, in the event of an MX record failing some MTAs fall back on delivering to a regular A record - which will show up as Verisign! So mail that would have been queued will now bounce (Verisign helpfully put up a daemon on their box to bounce everything; I'm not sure if that's better or worse than having them catch all the lost mail). There are also training issues: I know a few people who look for domains by typing ideas into a browser, and if nothing comes up they go to see if they can buy it. That won't work very well if you get a search engine redirecting you when you search! Likewise, diagnosing bad DNS servers is a lot harder now that all .com or .net DNS queries will give a reply.... dnsdoc, my saviour in the past, is definitely confused by these changes.
Fortunately, I'm not the only angry one. ISC, the people who make BIND (the world's most popular DNS server) have issued an emergency patch blocking Verisgn's behavior. The IETF and ICANN called Verisign's behavior a breach of RFC, although they don't seem willing to do anything about it. In a few hours, TSG and associated DNS servers (including mine!) will be upgraded - and I'll be able to ignore Verisign's idiocacy... as long as I'm at home. Without fundamental change at Verisign, we will face a cat-and-mouse war between those of us who use the Internet, and the idiots who see it as a cash crop...
In other news, I'm feeling a bit better - but a tad feverish, still. I haven't got much done today. Yick.
Mood: cranky
Music: Queen - Delilah
No comments:
Post a Comment