From owner-freebsd-hackers@FreeBSD.ORG  Tue Sep 16 19:20:33 2003
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1A99116A4B3
	for <freebsd-hackers@freebsd.org>;
	Tue, 16 Sep 2003 19:20:33 -0700 (PDT)
Received: from basement.kutulu.org (pcp03610121pcs.longhl01.md.comcast.net
	[68.49.239.235])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2408A43FB1
	for <freebsd-hackers@freebsd.org>;
	Tue, 16 Sep 2003 19:20:32 -0700 (PDT)
	(envelope-from kutulu@kutulu.org)
Received: from wombat.localnet (wombat.localnet [192.168.69.3])
	by basement.kutulu.org (Postfix) with ESMTP
	id 59A94A9F4; Tue, 16 Sep 2003 22:20:31 -0400 (EDT)
Received: by wombat.localnet (Postfix, from userid 1001)
	id 31E55B926; Tue, 16 Sep 2003 22:20:31 -0400 (EDT)
Date: Tue, 16 Sep 2003 22:20:31 -0400
From: Michael Edenfield <kutulu@kutulu.org>
To: John Polstra <jdp@polstra.com>
Message-ID: <20030917022030.GE84494@wombat.localnet>
Mail-Followup-To: John Polstra <jdp@polstra.com>,
	"M. Warner Losh" <imp@bsdimp.com>, freebsd-hackers@freebsd.org,
	dan@langille.org, cliftonr@lava.net
References: <20030916.180417.44250294.imp@bsdimp.com>
	<XFMail.20030916172804.jdp@polstra.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="LSp5EJdfMPwZcMS1"
Content-Disposition: inline
In-Reply-To: <XFMail.20030916172804.jdp@polstra.com>
X-Mailer: Mutt http://www.mutt.org/
X-Accept-Language: en
X-PGP-Key: http://www.kutulu.org/pgp/kutulu.asc
X-PGP-Fingerprint: 1CE0 3C31 7013 D529 406D  37DC 09CC CD84 A46C 878F
User-Agent: Mutt/1.5.4i
cc: freebsd-hackers@freebsd.org
cc: dan@langille.org
cc: cliftonr@lava.net
Subject: Re: Any workarounds for Verisign .com/.net highjacking?
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Sep 2003 02:20:33 -0000


--LSp5EJdfMPwZcMS1
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* John Polstra <jdp@polstra.com> [030916 21:27]:

> True, we could probably do it.  I guess we'd have to generate a few
> random and unlikely queries, try them, and see if all/most of them
> resolve to the same address.  Or maybe the to the same small set of
> addresses, depending on how determined Verisign is to make this work.

"*.net" should work, since they basically added a * A record to .com and
=2Enet. =20

> I just _love_ how Verisign doesn't even have a reverse DNS record for
> that address.  Jerks.

root@basement:/usr/src# host 64.94.110.11
11.110.94.64.IN-ADDR.ARPA domain name pointer sitefinder-idn.verisign.com

--Mike

--LSp5EJdfMPwZcMS1
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQE/Z8TuCczNhKRsh48RApjdAJ9FCnStCB97Dk5Dl1xmwvmO+kqf3ACffjLg
DlDs4l2FiHSFG1ExVYxEzpM=
=OP+j
-----END PGP SIGNATURE-----

--LSp5EJdfMPwZcMS1--