Home / Blogs

Paul Vixie in Response to Site Finder Controversy

By Paul Vixie VP and Distinguished Engineer, AWS Security

As a domain holder myself (of vix.com), I would not have chosen “.com” for my parent domain name back in 1988 had there been a wildcard domain name [that activates Site Finder service] under “.com”. The risk of someone attempting to reach me but ending up talking to someone else instead would have been seen as “too great”. I am now searching for a new parent domain whose publisher will guarantee me, in perpetuity, that there will be no wildcard name as there now is in “com”.

As an implementer (president of ISC, which publishes bind), I have heard from quite a few members of our user base (both open source users and packaged binary derivative product distributors) that they are concerned about the lack of reliable “name does not exist” indication from the “com” and “net” name servers. Reported impacts include lost e-mail, inability to filter spam coming from forged domains, and concern that the IANA‘s reservations for single-letter domain names are no longer being honored.

To that end, ISC will publish a patch for bind, which allows our users to configure their nameservers to filter out VeriSign’s synthetic responses. While we recognize the autonomy of zone publishers to publish whatever data they see fit, we also recognize the autonomy of DNS data consumers to filter out any content they deem objectionable. Naturally, our patch will not alter the default behavior of bind. Only users who explicitly and knowingly wish to enable the new “filtering” feature will be affected.

By Paul Vixie, VP and Distinguished Engineer, AWS Security

Dr. Paul Vixie is the CEO of Farsight Security. He previously served as President, Chairman and Founder of Internet Systems Consortium (ISC), as President of MAPS, PAIX and MIBH, as CTO of Abovenet/MFN, and on the board of several for-profit and non-profit companies. He served on the ARIN Board of Trustees from 2005 to 2013, and as Chairman in 2008 and 2009. Vixie is a founding member of ICANN Root Server System Advisory Committee (RSSAC) and ICANN Security and Stability Advisory Committee (SSAC).

 Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com

View All Topics