Dan, On Nov 26, 2009, at 10:25 AM, Dan White wrote: > On 26/11/09 07:37 -0800, David Conrad wrote: >> There are folks on this list who work for ISPs which are doing >> wildcards/synthesis/etc. They (or, more likely their management) can tell >> you there are obvious business reasons why they do wildcards/synthesis/etc. >> Perhaps I'm overly cynical, but I suspect that until those business reasons >> go away, shining a flash light will probably just result in more ISPs >> implementing wildcards/synthesis/etc. > > That's a disagreement we'll have to have. Anytime this issue has been brought > up in a public setting (here, slashdot, etc.) has resulted in terrible press > and even corrective action. In particular, Network Solutions' attempt to > at this at the .com level was corrected.
Right. And since then, ICANN has contractually disallowed gTLD registries from doing SiteFinder like services (unless they can demonstrate such a service won't have a negative security/stability impact). However, as I said, ICANN has no control over what ccTLDs do and there are 12 doing wildcards/synthesis/NXDOMAIN redirection/etc. as I type this, namely: CG (Congo) -- Web redirects to the registry website to register a .CG domain. KR (South Korea) -- If it is a non IDNA-encoded IDN, converts to IDNA. For ASCII, generates a “fake” page-not-found error for web requests. NU (Niue) -- Web requests solicit you to register the domain. PH (Philippines) -- Web requests solicit you to register the domain. PW (Palau) -- File not found error. Uses an invalid SSL certificate. RW (Rwanda) -- Connection time out (wildcard site is down) ST (Sao Tome) -- Web requests solicit you to register the domain. Uses an invalid SSL certificate. TK (Tokelau) -- Connection refused (wildcard site is down) VG (Virgin Is., UK) -- Web requests solicit you to register the domain. VN (Viet Nam) -- Web requests solicit you to register the domain. WS (Samoa) -- Web requests solicit you to register the domain. CN (China) -- Uses synthesis for IDN labels. Returns NXDOMAIN for ASCII labels. However, that's different than what I thought we were talking about. I thought we were talking about ISPs doing wildcards/synthesis/NXDOMAIN redirection/etc. There are a number of ISPs that do this, some of which are quite well known (there is even an Internet Draft on the techniques, see http://tools.ietf.org/html/draft-livingood-dns-redirect-00). Pretty large flash light... Regards, -drc