Re: Any way to P-T-P Distribute the RBL lists?
Drew Weaver <[EMAIL PROTECTED]> inquired: >I know you all have probably already thought of this, but can > anyone think of a feasible way to run a RBL list that does not have a single > point of failure? Or any attackable entry? Fedex. "Never underestimate the bandwidth of a station wagon loaded with DLT cartridges barreling along the highway at 70mph"... Seriously, as has already been pointed out, the distribution side of the equation is the easy part. Server admins can use an out-of-band technique like ordinary dialup to get access to the blocklist. But generating the blocklist requires real-time reporting back to a central server. Even if the server is decentralized, it will still require a relatively small handful of accessable IP addresses. An out of band layer-2 network could be created for that at the peering points, so as to prevent outside attack. Probably worth doing among major ISPs. Wouldn't scale to end users, of course. But end users could still subscribe to the blocklist through periodic updates. The other obvious thing that could be done would work pretty much like caller ID: create a set of SMTP enhancements that allow email recipients to accept mail from those who have provided traceable ID to the ISPs that participate, and who have agreed to acceptable-use policies that place strict limits on bulk email. Wait, hasn't that been done? The pre-1987 ARPAnet? Oh yeah, we've outgrown that... Public humiliation might also work. Bring back the stockades so we can place spammers out front of courthouses everywhere. Too bad society's outgrown that too... -rich
Re: Verisign Responds
Leo Bicknell wrote: >Looks like the lawsuits are going to be the ones to settle this >dispute...anyone think there's a chance of ICANN pulling .COM and .NET >from Verisign due to breach of contract? I think it's highly unlikely. Dave Stewart wrote: >Oh, I dunno... ICANN has no teeth, so that won't happen. Shouldn't one of them smarty-pants attorneys file for an immediate injunction against VeriSign? Looks like plenty of technical arguments have been posted here which even the most dim-witted judge would understand vs. the public position taken by VeriSign that they should keep their cash register jingling with Sitefinder proceeds while the topic is studied and/or fought over for another 24 months. It's obvious to me that the technical arguments fade out quickly if the service is kept up and running. VeriSign cashes in while everyone else incurs the expense of implementing workarounds and bug-fixes. Once the workarounds are in place for more than a couple weeks, there isn't much impetus to put everything back the way it was. Has an injunction been requested? -rich
Re: What *are* they smoking?
VeriSign stands to gain financially, take a look at this excerpt from an AP news blurb published yesterday: > Ben Turner, VeriSign's vice president for naming services, described the service > as a way to "improve overall usability of the Internet." > > People mistype ".com" and ".net" names some 20 million times daily, Turner said, > and internal studies show "the vast majority of users prefer a page like this > than what they are getting today." >... > Currently, Site Finder sends lost Web surfers to both regular search results and > pay-for-placement listings, which are marked as such. Turner said VeriSign was > partnering with two search companies he would not name. > > He would not disclose how much VeriSign would earn from those companies, with > which it has revenue-sharing arrangements. Anyone find out any details of the contracts which VeriSign has apparently signed to profit from this little venture? -rich