http://www.pcmag.com/article2/0,2817,2355068,00.asp?kc=PCRSS05079TX1K992
So have the security implications of these new domain names really been thought
through?
Larry Seltzer
Contributing Editor, PC Magazine
larry_selt...@ziffdavis.com
http://blogs.pcmag.com/securitywatch/
__
*shrugs*
This has already been the status quo for several years w/ third level
domains, ICANN has just approved second level domains and even TLDs.
We're going to have some interesting appcompat issues (understatement)
as punycode is not at all an OS component yet. So on the one hand,
you have th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, Oct 31, 2009 at 6:14 AM, Larry Seltzer
wrote:
> http://www.pcmag.com/article2/0,2817,2355068,00.asp?kc=PCRSS05079TX1K
> 992
>
>
>
> So have the security implications of these new domain names really been
> thought through?
>
No.
If noth
Seltzer
Cc: funsec@linuxbox.org
Subject: Re: [funsec] ICANN Approves Non-Latin Domain Name Characters
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, Oct 31, 2009 at 6:14 AM, Larry Seltzer
wrote:
>
http://www.pcmag.com/article2/0,2817,2355068,00.asp?kc=PCRSS05079TX1K000
0
> 992
>
>
> So have the security implications of these new domain names really
> been thought through?
Of course not. Security is an afterthought. Making money for the
infrastructure companies comes first.
It's been a long time since Internet governance had anything to do with
governing well (as opposed
> No.
>
> If nothing else, expanding the TLD space expands the abuse footprint.
>
> Further, expanding the TLD footprint in areas which are not clearly
> 'recognizable' by some applications, etc., will certainly have a tendency
> to be targets for abuse by criminals.
>
> Of course, this may sound o
Larry Seltzer napsal(a):
http://www.pcmag.com/article2/0,2817,2355068,00.asp?kc=PCRSS05079TX1K992
So have the security implications of these new domain names really
been thought through?
Heh, it seems like browsers now have to include OCR.
--
Martin Tomasek
___
On Sat, Oct 31, 2009 at 7:07 AM, der Mouse wrote:
>> So have the security implications of these new domain names really
>> been thought through?
>
> Of course not. Security is an afterthought. Making money for the
> infrastructure companies comes first.
>
> It's been a long time since Internet g
On Sat, Oct 31, 2009 at 06:34:31AM -0700, Paul Ferguson wrote:
> If nothing else, expanding the TLD space expands the abuse footprint.
>
> Further, expanding the TLD footprint in areas which are not clearly
> 'recognizable' by some applications, etc., will certainly have a tendency
> to be targets
> -Original Message-
> From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org]
> On Behalf Of Dan Kaminsky
...
> Did ICANN actually declare there would be IDN TLDs? I was under the
> impression -- possibly incorrect -- that they just threw their weight
> behind IDN SLDs.
> They've been wringing their hands about security for a few years now,
> around this very issue. Not saying they've gotten everything right,
> but I can't imagine the real testing work being done by the actual
> implementers (OS vendors) without the domains being officialized like
> this.
The
to:funsec-boun...@linuxbox.org]
On Behalf Of Larry Seltzer
Sent: Saturday, October 31, 2009 9:40 AM
To: funsec@linuxbox.org
Subject: Re: [funsec] ICANN Approves Non-Latin Domain Name Characters
Oh I know all this, just looking for quotes.
Larry Seltzer
Contributing Editor, PC Magazine
lar
On Oct 31, 2009, at 11:12 AM, Rich Kulawiec wrote:
> On Sat, Oct 31, 2009 at 06:34:31AM -0700, Paul Ferguson wrote:
>> If nothing else, expanding the TLD space expands the abuse footprint.
>>
>> Further, expanding the TLD footprint in areas which are not clearly
>> 'recognizable' by some appl
fergie wrote:
>
> If nothing else, expanding the TLD space expands the abuse footprint.
Since it does not introduce a new character set (everything is translated
to letters, numbers, and hyphens), it really does not break any existing
applications. New applications that choose to decode and store
--
From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org]
On Behalf Of Larry Seltzer
Sent: Saturday, October 31, 2009 11:59 AM
To: Dan Kaminsky; der Mouse
Cc: funsec@linuxbox.org
Subject: Re: [funsec] ICANN Approves Non-Latin Domain Name Characters
> They've been wringing their ha
uritywatch/
>
>
> -Original Message-
> From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org]
> On Behalf Of Larry Seltzer
> Sent: Saturday, October 31, 2009 9:40 AM
> To: funsec@linuxbox.org
> Subject: Re: [funsec] ICANN Approves Non-Latin Domain Name Ch
On Sat, Oct 31, 2009 at 12:15:00PM -0400, Dan Kaminsky wrote:
> Forseen what?
Lemme 'splain.
Whenever a new TLD is opened up -- like, let's say, .mobi to pick
a spectacularly superfluous one -- there's a goldrush of registrations.
Most of that goldrush consists of spammers, phishers and abusers
>>> So have the security implications of these new domain names really
>>> been thought through?
>> Of course not. Security is an afterthought. Making money for the
>> infrastructure companies comes first.
(In passing, something in your email software is mangling quotes; it
replaced two ordinary
--- On Sat, 10/31/09, Larry Seltzer wrote:
> I won't implicate anyone here unless you tell me you want to be
> quoted, and then I'll just garble the quote to humiliate you.
AHA! I knew a journalist would someday accidentally say what we all knew!
Now you have to be good or we'll tell your peer
* Rich Kulawiec:
> So of course they're in favor of .mobi and .info and .pro and
> as many more variations as possible, because every time another
> one is launched, they get to do this all over again.
But this whole thing only works if new TLDs are relatively rare. If
they aren't, the whole sch
On Mon, 02 Nov 2009 12:49:52 GMT, Florian Weimer said:
> * Rich Kulawiec:
>
> > So of course they're in favor of .mobi and .info and .pro and
> > as many more variations as possible, because every time another
> > one is launched, they get to do this all over again.
>
> But this whole thing only
On Mon, Nov 2, 2009 at 5:51 AM, wrote:
> On Mon, 02 Nov 2009 12:49:52 GMT, Florian Weimer said:
>> * Rich Kulawiec:
>>
>> > So of course they're in favor of .mobi and .info and .pro and
>> > as many more variations as possible, because every time another
>> > one is launched, they get to do this
* Dan Kaminsky:
> Oh, come off it. There are reasons to make changes to networks other
> than security. It's a genuine, non-corrupt reasonable demand that you
> should be able to have your own language in DNS.
If it's only about language, it's not reasonable at all. "com" isn't
English, "de" i
On Mon, Nov 2, 2009 at 6:10 AM, Florian Weimer wrote:
> * Dan Kaminsky:
>
>> Oh, come off it. There are reasons to make changes to networks other
>> than security. It's a genuine, non-corrupt reasonable demand that you
>> should be able to have your own language in DNS.
>
> If it's only about la
>> It's a genuine, non-corrupt reasonable demand that you should be
>> able to have your own language in DNS.
> If it's only about language, it's not reasonable at all. "com" isn't
> English,
gTLDs are another fettle of kish entirely.
> "de" isn't German,
Hm? I thought the point was that it _w
On Mon, 02 Nov 2009 06:05:40 PST, Dan Kaminsky said:
> Will different people be running the various renderings of .foobar?
> Ultimately that's what matters from an enforcement perspective.
Rest assured there will be as many pigs feeding at the trough as can fit.
pgpvzioj1Z6HJ.pgp
Description:
On Mon, 02 Nov 2009 14:10:35 GMT, Florian Weimer said:
> (Poor FYROM. There are '"'s in the country's official name, so it
> can't be put into DNS even with IDNA.)
The country's official name doesn't mean squat in this. Anyhow, looking at
http://en.wikipedia.org/wiki/Republic_of_Macedonia - I do
Date sent: Sun, 01 Nov 2009 01:25:33 -0500 (EST)
From: der Mouse
> (In passing, something in your email software is mangling quotes; it
> replaced two ordinary spaces with non-break spaces. I changed them
> back in the quote above.)
Were they Latin non-breaking sp
>> (In passing, something in your email software is mangling quotes; it
>> replaced two ordinary spaces with non-break spaces. [...])
> Were they Latin non-breaking spaces, or Korean non-breaking spaces?
Latin. They were 0xa0 octets, and the part was marked 8859-1.
(I wasn't aware there was suc
On Mon, Nov 02, 2009 at 12:49:52PM +, Florian Weimer wrote:
> * Rich Kulawiec:
>
> > So of course they're in favor of .mobi and .info and .pro and
> > as many more variations as possible, because every time another
> > one is launched, they get to do this all over again.
>
> But this whole th
On Mon, 02 Nov 2009 13:48:08 -0500
valdis.kletni...@vt.edu wrote:
>On Mon, 02 Nov 2009 14:10:35 GMT, Florian Weimer said:
>
>> (Poor FYROM. There are '"'s in the country's official name, so it
>> can't be put into DNS even with IDNA.)
>
>The country's official name doesn't mean squat in this. Any
31 matches
Mail list logo
