Re: [DNSOP] Public Suffix List

bert hubert <bert.hubert@netherlabs.nl> Mon, 09 June 2008 12:41 UTC

Return-Path: <dnsop-bounces@ietf.org>
X-Original-To: dnsop-archive@lists.ietf.org
Delivered-To: ietfarch-dnsop-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2E69B3A69C3; Mon, 9 Jun 2008 05:41:02 -0700 (PDT)
X-Original-To: dnsop@core3.amsl.com
Delivered-To: dnsop@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 127413A69C3 for <dnsop@core3.amsl.com>; Mon, 9 Jun 2008 05:41:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.155
X-Spam-Level:
X-Spam-Status: No, score=-0.155 tagged_above=-999 required=5 tests=[AWL=0.349, BAYES_00=-2.599, HELO_EQ_NL=0.55, HOST_EQ_NL=1.545]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c-Fc+ptNzXh8 for <dnsop@core3.amsl.com>; Mon, 9 Jun 2008 05:41:00 -0700 (PDT)
Received: from outpost.ds9a.nl (outpost.ds9a.nl [85.17.220.215]) by core3.amsl.com (Postfix) with ESMTP id 1A1AA3A6818 for <dnsop@ietf.org>; Mon, 9 Jun 2008 05:41:00 -0700 (PDT)
Received: by outpost.ds9a.nl (Postfix, from userid 1000) id 942894575; Mon, 9 Jun 2008 14:41:31 +0200 (CEST)
Date: Mon, 9 Jun 2008 14:41:31 +0200
From: bert hubert <bert.hubert@netherlabs.nl>
To: Edward Lewis <Ed.Lewis@neustar.biz>
Message-ID: <20080609124131.GE15706@outpost.ds9a.nl>
Mail-Followup-To: bert hubert <bert.hubert@netherlabs.nl>, Edward Lewis <Ed.Lewis@neustar.biz>, dnsop@ietf.org
References: <484CFF47.1050106@mozilla.org> <484D1533.4060300@spaghetti.zurich.ibm.com> <B33086268D53A0429A3AA2774C83892C028E1694@KAEVS1.SIDN.local> <20080609121146.GC15706@outpost.ds9a.nl> <a06240800c472cfe28042@[0.0.0.0]>
Mime-Version: 1.0
Content-Disposition: inline
In-Reply-To: <a06240800c472cfe28042@[0.0.0.0]>
User-Agent: Mutt/1.5.9i
Cc: dnsop@ietf.org
Subject: Re: [DNSOP] Public Suffix List
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: dnsop-bounces@ietf.org
Errors-To: dnsop-bounces@ietf.org

On Mon, Jun 09, 2008 at 08:33:30AM -0400, Edward Lewis wrote:
> If the browsers do implement a check based on TLD name, I bet they 
> are also gullible enough to implement RFC 3514.

Browsers already implement a lot of 'supra-dns' knowledge. Try visiting a
known malware or phishing site these days with a good browser. It is not the
sort of mathematically proven protection we all crave but I'm not going to
stand in their way of improving the security of a typical browsing session.

A lot more useful than 3514 for sure.

Raising bars is not perfection, but it still raises the bar.

	Bert

-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop