On Wed, Jan 08, 2014 at 08:51:00PM +0000, Jeff Schmidt <[email protected]> wrote a message of 110 lines which said:
> Please look here: > > http://domainincite.com/15512-controlled-interruption-as-a-means-to-prevent-name-collisions-guest-post > Will serving localhost IPs cause the kind of visibility required to > inspire action? I suspect that, in many cases, the leak comes from systems which are not under the direct control of the system administrator. 1) Jane Sysadmin, who works for Acme Corp, decides (wrongly) to use .HOME for the local pseudo-TLD of Acme 2) Employees of Acme Corp stores bookmarks in their Web browser, some bookmarks include ".home/", for instance http://corpinfo.home/ 3) Joe Employee goes back home with his laptop or pad and selects the wrong bookmark. Bang! A DNS request for corpinfo.home is done (and elicits a 127.0.53.53 response to the poor Joe). But Jane Sysadmin will never see it or heard about it. Even the NSA, monitoring the root name servers, will not know that it is related to Acme. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
