RE: [ga] Collisions in RFC 1535 space

[Harald Tveit Alvestrand <harald@alvestrand.no>]

At 02:02 12.04.2001 -0700, Roeland Meyer wrote:
> > The Panel notes RFC 1535, which points out that domain names
> > with two alpha
> > characters (eg. au.com.au) could 'trick' some types of client
> > software, thereby
> > giving rise to possible security problems where the domain
> > name is the same as a
> > ccTLD.  Potentially, a domain name that is the same as a gTLD
> > (eg. com.net.au)
> > could be misused in the same manner.  The Panel therefore recommends a
> > prohibition on domain names that match TLDs.
>
>The panel is stoned, or should be. Both the decision and the reason are pure
>horseshit. CERT (www.cert.org) has never documented an exploit of that
>nature, nor has anyone else, AFAICT. If I had any part of whatever they've
>been smoking, I couldn't do my job. Apparently, they can't either. You can
>quote me, verbatum.

The problem WAS very real in 1993 when RFC 1535 was issued - not as an 
exploit (it was a friendlier net back then), but as an user confusion problem.
One of the first publicly acknowleded victims was apparently the owners of 
edu.com.

A few years back (Sept 1998), the .no domain owners did a survey - sniffing 
traffic in the UNINETT backbone, looking for queries that targeted .com.no, 
.no.no and similar domains, which you would expect to see if this was still 
a problem in Norway.
The number of queries was microscopic (approximately 0.54% of the number of 
.com queries observed).

As a result, the Norwegian domain name owners dropped the blanket refusal 
to register two-character domains.

It was once a sensible thing to forbid. It does not seem to be terribly 
relevant any more.

                  Harald




--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html