On 05/07/12 16:39, Daniel Veditz wrote:
However, given that it was a .com domain which started all this fuss, I
thought it was worth posting publicly in case anyone had any comments.
Have they revoked all the previously spoofing domains? Have they
audited all their existing domains to make sure there aren't
additional ones in there that violate their new rules? What is their
transition plan for the domains that do exist?
Their new rules going forward sound fine, it's any grand-fathered
mess I'm worried about. I'm especially worried if you proceed with
your currently stated plan of preserving the whitelist even after
the new algorithm lands.
Sorry for the delay here; Verisign said:
"You are correct that in conjunction with our agreements and
consultation with ICANN we grandfather domain names that no longer meet
updated IDN standards and policies.
As with the introduction of IDNA2008 and previous updates Verisign goes
through a process of communication with the registrar channel to
identify specific domain names that are no longer compliant, and
potential implications of allowing those domain names to continue in the
DNS. Verisign has provided a wholesale registration fee refund for the
remaining term left on such disallowed registrations when the registrar
works with the registrant to replace the disallowed registration with
one that is allowed.
Separately, Verisign has an internal process place to address reported
malicious use of domain names in cases such as malware, phishing, etc..."
I personally am happy with this "grandfathering plus proactive
observation" method. I suggest that requiring wholesale revocation of
registrations is unrealistic, and disruptive to domain owners who
registered their domains in good faith.
So, unless there are further objections, I plan to take this addition
forward.
(This is bug https://bugzilla.mozilla.org/show_bug.cgi?id=770877 )
Gerv
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security
