> That isn't correct!!!!!  DNS regards EVERYTHING between the http:/ and the
> first invalid character as the DNS name.  If your dns entry doesn't match,
> it doesn't count at all.  Verisign still has control!

Uh, *no* it does not.

A DNS query for host.domain.com goes like this:

1) Your DNS resolver's stub queries the DNS servers set in your TCP/IP settings
for HOST.DOMAIN.COM (after checking your hosts file).

2) That DNS server checks its cache for HOST.DOMAIN.COM. and returns
a non-authoritative answer if found. If not...

3) That DNS server checks its cache for COM. If not found it queries [.] for
"COM.", and gets a list of name servers for .COM. (root servers ("dot") are
configured in the DNS server's static cache file).

4) Queries {a-m}.gtld-servers.net (the list retrieved in Step 3) for a list of
name servers for DOMAIN.COM, which retrieves the glue records for that domain
(the registered name servers).

5) Queries *those* name servers for HOST.DOMAIN.COM, which retrieves the
information from *your* DNS server's zone files, and is returned to the client.


Even if {a-m}.gtld-servers.net were sent the FQDN (i.e. the host name) -- which
it is *not* AFAIK -- those servers would then have to do a recursive query to
your name servers to see that the host doesn't exist: an infeasibly high-load
task to do at the gTLD root servers.

    Adam
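
The delegation walk in steps 1-5, as an added example that is not part of the
original message: a Python model over constructed zone data (the server labels
`root`, `gtld`, `ns.domain.com` and the address 192.0.2.10 are made up). Servers
here match on the longest delegated suffix, so the referral is the same whether
the TLD server is shown the full host name or only the domain.

```python
# Constructed data: each server knows its own records and its child delegations.
ROOT = "root"
SERVERS = {
    "root": {"delegations": {"com.": "gtld"}, "records": {}},
    "gtld": {"delegations": {"domain.com.": "ns.domain.com"}, "records": {}},
    "ns.domain.com": {"delegations": {},
                      "records": {"host.domain.com.": "192.0.2.10"}},
}

def covers(zone, qname):
    """True if qname is the zone apex or lies below it (label boundary aware)."""
    return qname == zone or qname.endswith("." + zone)

def ask(server, qname):
    """One non-recursive query: an answer, a referral, or NXDOMAIN."""
    data = SERVERS[server]
    if qname in data["records"]:
        return ("ANSWER", data["records"][qname])
    zones = [z for z in data["delegations"] if covers(z, qname)]
    if zones:
        zone = max(zones, key=len)          # most specific delegation wins
        return ("REFERRAL", zone, data["delegations"][zone])
    return ("NXDOMAIN", None)

def resolve(qname, cache):
    """Follow referrals from the closest cached zone. Returns (result, servers asked)."""
    qname = qname.lower().rstrip(".") + "."
    if qname in cache["answers"]:           # step 2: answered from cache
        return cache["answers"][qname], []
    known = [z for z in cache["zones"] if covers(z, qname)]
    server = cache["zones"][max(known, key=len)] if known else ROOT
    asked = []
    while True:
        asked.append(server)
        reply = ask(server, qname)
        if reply[0] == "REFERRAL":          # steps 3-4: cache the delegation, descend
            cache["zones"][reply[1]] = server = reply[2]
            continue
        result = reply[1] if reply[0] == "ANSWER" else "NXDOMAIN"
        cache["answers"][qname] = result    # step 5: final answer, cached
        return result, asked

if __name__ == "__main__":
    cache = {"zones": {}, "answers": {}}
    for name in ("HOST.DOMAIN.COM", "nosuch.domain.com", "host.unregistered.com"):
        print(name, resolve(name, cache))
```

In this model a missing host under a registered domain is denied by that
domain's own name server, while only a name under an unregistered domain gets
its final answer from the TLD server.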



