Reactions to the actions taken by Verisign as described in my blog entry from September 16 have been heated and varied. It currently appears that Verisign has no intention of ceasing this nonsense. However, certain internet authorities have finally been heard from today.
The Internet Architecture Board has released an analysis of the use of wildcard DNS records at high levels in the DNS hierarchy. Anyone interested in this situation and its implications is encouraged to read this analysis. Perhaps the best part of the article from my perspective is this: "Proposed guideline: If you want to use wildcards in your zone and understand the risks, go ahead, but only do so with the informed consent of the entities that are delegated within your zone."
The Internet Corporation for Assigned Names and Numbers (ICANN) has also finally broken its silence with the following advisory about the situation. While I usually disagree with ICANN’s tactics, this particular one of actually studying the issue and asking for feedback from other organizations is good. In particular their call for Verisign to voluntarily suspend the operation of their wildcard until the investigation is completed.
As things go, this issue has been little more than a minor technical annoyance to many of us in the industry. However, it was the sheer gall it took on the part of Verisign to say that they were doing this for the good of the internet when they, by their own admission, were profiting from it that got up most of our noses. Not to mention the protocol breakage that is mentioned in the IAB article noted above.
In fairness to Verisign, it should be noted that they were not the first ones to introduce a wildcard into a TLD, simply the most prominent one.