Henrik Nordstrom wrote: >As someone else in the Slashdot thread said Internet is not only the web.
It's also worth bearing in mind that Squid will no longer display you're nicely customised "dnsserver can't find this site" pages; "verisignsucks.com" will resolve to their new "sales" page. In short, everything now resolves ;) I've said it on a few lists, but this breaks DNS so badly I can't even comprehend who let this go ahead. I think we'll see a fair few things breaking and this being revoked. Even if that doesn't happen I'm sure Microsoft will have something to say about the reams of people who will no longer be visiting their MSN search pages which are the default in IE for non-resolution errors. Imagine that! Microsoft complaining about anti-competitive measures! LOL. To add to Henrik's list this also breaks: * Negative caching of NXDOMAIN instances; everything resolves and is cached for 15mins with Verisign's default TTL * Forces more positive caching; great - more DNS traffic as most DNS servers are setup to negatively cache for quite a long time to save keep looking up downed sites More on-topic, how will Squid handle this? Say I visit `Verisignsucks.com` and get their sitesearch page. Squid caches it. Now I go to `zzzxfeuoiwqueoiwqe.com` and get the exact same content. Does Squid cache another whole instance or recognise that it already has the correct files, albeit from the wrong domain? I'll wager that it stores another instance. Therefore, every time a user does a typo on a URL we'll have another load of redundant stuff hitting our caches rather than the normal sane behaviour of a failure in DNS resolution. Great. All ways, this is a very bad thing - something that I don't think most people will realise for some time to come. This email and any attachments are strictly confidential and are intended solely for the addressee. If you are not the intended recipient you must not disclose, forward, copy or take any action in reliance on this message or its attachments. If you have received this email in error please notify the sender as soon as possible and delete it from your computer systems. Any views or opinions presented are solely those of the author and do not necessarily reflect those of HPD Software Limited or its affiliates. At present the integrity of email across the internet cannot be guaranteed and messages sent via this medium are potentially at risk. All liability is excluded to the extent permitted by law for any claims arising as a re- sult of the use of this medium to transmit information by or to HPD Software Limited or its affiliates.
