North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Non-English Domain Names Likely Delayed

  • From: Iljitsch van Beijnum
  • Date: Tue Jul 19 06:50:07 2005

On 19-jul-2005, at 12:11, Brad Knowles wrote:

[need to trust the DNS system]

Actually, you don't. If the DNS provides false information, the public
key crypto will catch this. Sure, you won't be able to communicate, but
you can't be fished that way.

    What public key crypto are you talking about?
The public key crypto that powers the authentication in SSL.

I don't see why this would need to be "fixed". We're not talking about
5 year olds, people need to be able to cross the road without someone
holding their hand.

You're on a slippery slope here. At what point do you think that you can stop protecting the users? How do you justify that?
I justify it because "protecting" users agains the fact that similar looking/sounding names actually map to completely different things ultimately can't be done, so it's better to not do it at all so users get burned by relatively harmless examples of this phenomenon (www.gougle.com and the like) so they understand it and foster the appropriate level of distrust.