From: Clifton Royston
To: "M. Warner Losh"
Cc: freebsd-hackers@freebsd.org, dan@langille.org, jdp@polstra.com
Date: Tue, 16 Sep 2003 14:20:53 -1000
Subject: Re: Any workarounds for Verisign .com/.net highjacking?
List-Id: Technical Discussions relating to FreeBSD

On Tue, Sep 16, 2003 at 05:55:58PM -0600, M. Warner Losh wrote:
> I think we should put a filter for this nonsense into the base
> system. Hack the resolve to filter out the address, and hack bind to
> filter it out too. That way we can leverage our position in the name
> servers in the world to do something about this BS.

IMHO the correct behavior would be to discard any wildcard RR at any TLD zone.

I found most of the discussion seems to be going on on NANOG. (Apparently they're not the first, BTW; some CC TLDs have been doing it for a while, as have some of the new TLDs like .museum. It's just that it was a noise-level problem until it affected .com and .net.)

The ISC has announced it expects to have a patch by Wednesday. That's better than I'd hoped.

Thanks for all the feedback I've got, BTW.

  -- Clifton

-- 
Clifton Royston -- cliftonr@tikitechnologies.com
Tiki Technologies Lead Programmer/Software Architect

Did you ever fly a kite in bed? Did you ever walk with ten cats on your head?
Did you ever milk this kind of cow? Well we can do it. We know how.
If you never did, you should. These things are fun, and fun is good.
    -- Dr. Seuss
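
An added example, not part of the original message and not the ISC or FreeBSD code: one resolver-side way to apply the filtering discussed in this thread. A stub resolver cannot see that an answer was synthesized from a wildcard RR, so this assumes a probing heuristic instead (look up random names that cannot exist, then treat the addresses they return as the TLD's wildcard target). The `resolve` callable, the helper names and the sample records (documentation address ranges) are constructed for illustration.

```python
import secrets

def probe_wildcard(resolve, tld, probes=3):
    """Return the addresses a TLD hands out for names that cannot exist.

    resolve(name) -> set of address strings, empty set for NXDOMAIN.
    An empty result means the zone is not synthesizing answers.
    """
    common = None
    for _ in range(probes):
        # 24 random hex characters: effectively guaranteed to be unregistered.
        name = f"{secrets.token_hex(12)}.{tld}"
        addrs = set(resolve(name))
        if not addrs:
            return set()  # a genuine NXDOMAIN, so no wildcard in this zone
        common = addrs if common is None else common & addrs
    return common or set()

def filter_answer(addrs, wildcard_addrs):
    """Turn a wildcard-synthesized answer back into NXDOMAIN (empty set)."""
    addrs = set(addrs)
    if addrs and addrs <= wildcard_addrs:
        return set()
    return addrs

# Constructed sample data: documentation addresses, not real DNS records.
REGISTERED = {"example.com": {"192.0.2.10"}, "example.org": {"192.0.2.20"}}
WILDCARD = {"com": {"198.51.100.1"}}  # hypothetical wildcard target for .com

def fake_resolve(name):
    """Stand-in resolver: registered names resolve, the rest hit the wildcard."""
    if name in REGISTERED:
        return REGISTERED[name]
    return WILDCARD.get(name.rsplit(".", 1)[-1], set())

def lookup(name, resolve=fake_resolve):
    """Resolve a name, suppressing answers that match the TLD's wildcard."""
    tld = name.rsplit(".", 1)[-1]
    return filter_answer(resolve(name), probe_wildcard(resolve, tld))

if __name__ == "__main__":
    for n in ("example.com", "no-such-name-typo.com", "no-such-name.org"):
        print(n, "->", sorted(lookup(n)) or "NXDOMAIN")
```

A registered name that really is hosted at the wildcard address would also be suppressed, which is the trade-off of filtering by address rather than by record type.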