[dns-operations] Implementation of negative trust anchors?

Vernon Schryver vjs at rhyolite.com
Fri Aug 23 18:39:40 UTC 2013

> From: WBrown at e1b.org

> > and protect the advertising revenue from those typosquatted domains.
> Why would a typosquatted domain fail DNSSEC?  When DNSSEC is universal and 
> easy to do, it will  be signed from the TLD on down, just like every other 
> domain.

I wasn't talking about the typosquatters who give the registrar and
registry their cuts.

I meant the typosquatters who (at first) replace only NXDOMAINs
(and later decide that what's good for the "legitimate" typosquatters
is good for them).

I assume we all remember the NXDOMAIN typeosquatting kerfuffles.
Are any (potential) eyeball networks (in hotels for example) squatting
on NXDOMAINs today?

Vernon Schryver    vjs at rhyolite.com

More information about the dns-operations mailing list