<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [ga] On Its Way: One of the Biggest Changes to the Internet
- To: ga@xxxxxxxxxxxxxx
- Subject: Re: [ga] On Its Way: One of the Biggest Changes to the Internet
- From: jwkckid1@xxxxxxxxxxxxx
- Date: Thu, 11 Oct 2007 21:51:18 -0500 (GMT-05:00)
Karl and all,
I think your central point is significant. Weak DNS implementations
has been and seemingly remains a Stallworth of ICANN registries
and/or Registrars. Such implementations are the responsibility
of ICANN to oversee as a matter of Accreditation, which we
all know full well ICANN has not done very well and will likely
continue to not do at all or poorly a la RegistryFly.
-----Original Message-----
>From: Karl Auerbach <karl@xxxxxxxxxxxx>
>Sent: Oct 11, 2007 8:40 PM
>To: Ram Mohan <rmohan@xxxxxxxxxxxx>
>Cc: ga@xxxxxxxxxxxxxx
>Subject: Re: [ga] On Its Way: One of the Biggest Changes to the Internet
>
>
>Ram Mohan wrote:
>
>> Numerous other usability issues exist, including some interesting ones
>> such as searchability of IDN names and IDN TLDs.
>
>It's been a while since I last scanned SIP VoIP implementations for DNS
>vulnerabilities.
>
>But when I last did it, I found that a lot of VoIP phones had weak DNS
>resolving engines that could be easily confused/killed by long names
>(and IDN names can get long) and long or strange CNAMEs.
>
>(It is amazing the devices than can be sent into the weeds by giving 'em
>a SIP or HTTP URI/URL that contains a domain name that gets mapped via a
>CNAME into something that is either very long or contains the full
>variety of 8-bit characters without honoring the "hostname" character
>set constraint.)
>
>Again, as you say, at the DNS layer, it's all just ASCII labels. And
>the problems I saw weren't IDN problems, just weak DNS implementations.
>
> --karl--
=======
'Regards,
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 277k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
Abraham Lincoln
"Credit should go with the performance of duty and not with what is very
often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B; liability
depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of
Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail jwkckid1@xxxxxxxxxxxxx
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|