On Thu, Oct 09, 2003 at 01:53:57PM -0700, [EMAIL PROTECTED] wrote:
> [snip]
> Many sites use the most basic monitoring, i.e. pinging the server. Some
> add an additional level of monitoring by attempting to connect to specific
> ports (i.e. 80). It is unknown what type of monitoring MP3.com employs.
> However if they were only using one or both of these basic techniques,
> they would not have noticed the problem.

Using mp3.com as a poster child for this might be distracting from your point. Remember that this is by no means the first high profile domain registration that was overlooked when it came time to renew. Many have come before, and they didn't have the Verisign wildcard or sitefinder to blame. ;)

The almost-valid unintended consequence with the Verisign wildcard and sitefinder in place is this:

If you have a set of monitoring systems that resolve a hostname, attempt to connect to the smtp port on that host, and attempt to connect to the http port on that host, you will likely miss the domain name's demise if the name expires or is removed from the COM or NET TLD zonefile.

In theory, your monitoring system will connect to the sitefinder service when its DNS lookup returns the IP address for the wildcard record.

Did Verisign's action expose a flaw in this theoretical monitoring system's simplistic methodology? Yes.

Should the monitoring system be doing more sanity checks? Yes.

Is this a valid concern in regards to sitefinder? Probably -- although like all concerns regarding this topic, it needs to be presented accurately and objectively.

I believe this example falls into the "numerous minor yet unintended consequences requiring a non-trivial cumulative amount of time to modify systems to accommodate" category. ;)

-jeff

-- 
Jeff Godin <[EMAIL PROTECTED]>
Jedin Technologies
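
An added example, not part of the original message: one form the extra sanity check could take, run before a monitor trusts its smtp and http probes. The function names, the injected `resolve` callable and the addresses (documentation ranges) are assumptions made for this sketch.

```python
import secrets
import socket

def system_resolver(name):
    """Return the IPv4 addresses for name, or an empty set if it does not resolve."""
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None, socket.AF_INET)}
    except socket.gaierror:
        return set()

def make_fake_resolver(zone, wildcard_ip=None):
    """Constructed stand-in for DNS: names in `zone` resolve normally, every
    other name gets `wildcard_ip` (if set), as under a TLD wildcard record."""
    def resolve(name):
        if name in zone:
            return set(zone[name])
        return {wildcard_ip} if wildcard_ip else set()
    return resolve

def check_name(hostname, expected_ips, resolve=system_resolver, probes=2):
    """Classify a monitored name before its port checks are trusted.
    Returns "ok", "nxdomain", "wildcard" or "unexpected-ip"."""
    answer = resolve(hostname)
    if not answer:
        return "nxdomain"
    # Random labels directly under the TLD should not exist; any address
    # they return is the TLD's wildcard target.
    tld = hostname.rstrip(".").rsplit(".", 1)[-1]
    wildcard_ips = set()
    for _ in range(probes):
        wildcard_ips |= resolve(f"{secrets.token_hex(12)}.{tld}")
    if answer & wildcard_ips:
        return "wildcard"       # our name fell through to the wildcard
    if not answer <= set(expected_ips):
        return "unexpected-ip"  # resolves, but not to a host we operate
    return "ok"

if __name__ == "__main__":
    # Constructed data: documentation-range addresses, not real services.
    live = make_fake_resolver({"www.example.com": ["192.0.2.10"]}, "198.51.100.1")
    lapsed = make_fake_resolver({}, "198.51.100.1")
    print(check_name("www.example.com", {"192.0.2.10"}, live))    # ok
    print(check_name("www.example.com", {"192.0.2.10"}, lapsed))  # wildcard
```

Without the wildcard a lapsed name simply returns "nxdomain"; with it, the name still resolves and the ports still answer, so only the comparison against the probe addresses or the expected-address list reveals the loss.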