I don't understand this entire debate. I am sorry. Can somebody please frame it?
My understanding is that if there is a rightside dot... that the domain is "fully qualified". I know for a fact that, even with the foregoing, if somebody locally wants to rewrite a domain there is nothing that is going to stop them. I think this is a feature, not a bug. OK, sure, you could tunnel out to an "objective" nameserver if you were trapped in the Hotel California, at least in theory. But if somebody wants to have microsoft.my-bad-private-idaho--nobody-knows-about.info: does anybody outside of Microsoft (r) care? Who cares if they care? So what, exactly, *is* the security implication? I suppose the implication is somebody registering webmaster. or info. or sales. or www. or something else called out in any of a number of RFCs; ands I would *hope* that that has been dealt with in the current TLD application process. So as a thinking exercise let's think about something like "sales". Somebody types "http://sales/"; into their browser. Now if their resolv.conf has warfarin.com in it, we can at least hope that they will be directed to sales.warfarin.com. But if they don't.. and there aren't some commonsense rules, where do they go? What TLD do they get sent to? Is this decided by who the highest bidder is, or the day of the week, or cycle of the moon, or what? Commonsense would be that if it doesn't resolve they go nowhere. More likely, practically speaking, it will be decided by whatever search engine has a deal with the makers of their web browser. Where mail goes may be entirely somewhere... entirely different. So this is not a DNS question at all. I dunno, I guess I don't go to enough meetings. -- Fred Morris _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
