RE: [ga] On Its Way: One of the Biggest Changes to the Internet

["Gomes, Chuck" <cgomes@xxxxxxxxxxxx>]

In the previous phase of testing a non-production zone was used.  The
next step is to do live testing.

Chuck Gomes
 
"This message is intended for the use of the individual or entity to
which it is addressed, and may contain information that is privileged,
confidential and exempt from disclosure under applicable law. Any
unauthorized use, distribution, or disclosure is strictly prohibited. If
you have received this message in error, please notify sender
immediately and destroy/delete the original transmission." 
 

> -----Original Message-----
> From: owner-ga@xxxxxxxxxxxxxx 
> [mailto:owner-ga@xxxxxxxxxxxxxx] On Behalf Of jwkckid1@xxxxxxxxxxxxx
> Sent: Friday, October 12, 2007 1:28 AM
> To: ga@xxxxxxxxxxxxxx
> Subject: Re: [ga] On Its Way: One of the Biggest Changes to 
> the Internet
> 
> 
> Chris and all,
> 
>   The answer is yes very easily.  The vulnerability will be 
> higest durring the early testing phase and some brief time 
> after full implimentation given that full implimentation 
> occurs.  I am relitively sure some undisclosed Chinese IT 
> hackers, perhaps working for the Chinese Govt. are already 
> prepaired to proceed accordingly.
> 
>   Frankly I believe a seperate zone should have been built 
> for the testing phase, and for security reasons down the road 
> I would have insisted that a seperate zone for segmenting off 
> IDN's be maintained indefinately.  Seems the IANA/ICANN is 
> not that concerned for user's security, nor privacy and 
> potential damage which will insue accordingly.
> 
> -----Original Message-----
> >From: "Prophet Partners Inc." <Domains@xxxxxxxxxxxxxxxxxxx>
> >Sent: Oct 12, 2007 12:38 AM
> >To: ga@xxxxxxxxxxxxxx
> >Subject: Re: [ga] On Its Way: One of the Biggest Changes to the 
> >Internet
> >
> >
> >Hi Karl,
> >
> >With the potential problems from long IDN names, could poorly 
> >configured DNS applications possibly create situations of DNS 
> >instability? Could criminal or terrorist organizations 
> launch DoS attacks in this manner?
> >
> >Sincerely,
> >Ted
> >Prophet Partners Inc.
> >http://www.ProphetPartners.com
> >http://www.Premium-Domain-Names.com
> >
> >
> >----- Original Message -----
> >From: "Karl Auerbach" <karl@xxxxxxxxxxxx>
> >To: "Ram Mohan" <rmohan@xxxxxxxxxxxx>
> >Cc: <ga@xxxxxxxxxxxxxx>
> >Sent: Thursday, October 11, 2007 9:40 PM
> >Subject: Re: [ga] On Its Way: One of the Biggest Changes to the 
> >Internet
> >
> >
> >>
> >> Ram Mohan wrote:
> >>
> >>> Numerous other usability issues exist, including some interesting 
> >>> ones such as searchability of IDN names and IDN TLDs.
> >>
> >> It's been a while since I last scanned SIP VoIP 
> implementations for 
> >> DNS vulnerabilities.
> >>
> >> But when I last did it, I found that a lot of VoIP phones had weak 
> >> DNS resolving engines that could be easily confused/killed by long 
> >> names (and IDN names can get long) and long or strange CNAMEs.
> >>
> >> (It is amazing the devices than can be sent into the weeds 
> by giving 
> >> 'em a SIP or HTTP URI/URL that contains a domain name that gets 
> >> mapped via a CNAME into something that is either very long or 
> >> contains the full variety of 8-bit characters without honoring the 
> >> "hostname" character set
> >> constraint.)
> >>
> >> Again, as you say, at the DNS layer, it's all just ASCII 
> labels.  And 
> >> the problems I saw weren't IDN problems, just weak DNS 
> implementations.
> >>
> >> --karl--
> >
> =======
> 
> 'Regards,
> Jeffrey A. Williams
> Spokesman for INEGroup LLA. - (Over 277k members/stakeholders 
> strong!) "Obedience of the law is the greatest freedom" -
>    Abraham Lincoln
> 
> "Credit should go with the performance of duty and not with 
> what is very often the accident of glory" - Theodore Roosevelt
> 
> "If the probability be called P; the injury, L; and the 
> burden, B; liability depends upon whether B is less than L 
> multiplied by
> P: i.e., whether B is less than PL."
> United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947] 
> ===============================================================
> Updated 1/26/04
> CSO/DIR. Internet Network Eng. SR. Eng. Network data security 
> IDNS. div. of Information Network Eng.  INEG. INC.
> ABA member in good standing member ID 01257402 E-Mail 
> jwkckid1@xxxxxxxxxxxxx
> 
>