funsec mailing list archives
Re: .secure TLD
From: "Nick FitzGerald" <nick () virus-l demon co uk>
Date: Sat, 12 May 2012 16:06:54 +1200
Ben April wrote:
http://www.darkreading.com/authentication/167901072/security/security-management/240000187/new-i-secure-i-internet-domain-on-tap.html If they really wanted to be secure they would require the implementation of RFC 3514
Well, the whole idea is somewhere between hilarious and blatantly ignorant on its face, so that's funny (as in "funny sad" -- these folk do seem to think they're doing something useful that will make a difference) right off the bat... If they really want to "assure security" they won't let any of their registered domains install any currently-popular web-apps, PHP or, realistically, even a web server. The statement fom the "What is the DPWG?" section of their homepage: The introduction of new global Top Level Domains (gTLDs) both poses new challenges and offers new opportunities to the information security and great Internet communities. The likely introduction of hundreds of new gTLDs has the potential to confuse consumers and create new opportunities for malware hosting, phishing and the creation of DNS-based control channel networks. At the same time, the new gTLDs give us a chance to start fresh and create portions of the Internet where end-users can confidently transact their online lives. is just laughable in its naivety about actual internet crime and malware, which nowadays, and for most of the last 5+ years, has had nothing to do with faking domain names and like. The level of lockdown controls they would have to require of prospective members would scare off (or necessarily prohibit) all but the staunchest few dozen domains and they are doing what they do so well now, that they would see no actual real-world value in adding or moving to a specially-named TLD. Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- .secure TLD Ben April (May 11)
- Re: .secure TLD Nick FitzGerald (May 11)
- Re: .secure TLD Bruce Ediger (May 12)
- Re: .secure TLD valdis . kletnieks (May 12)
- Re: .secure TLD Stephanie Daugherty (May 25)