On 20/11/2009, at 3:04 PM, Brett Fenton wrote: > They aren't 'redirecting' anyone. Which is what Verisign did by wildcarding in > the root. > > The only thing I see the service doing is not DNS at all. > > They detect a failed lookup (only on HTTP requests), and they return custom > HTTP content to the browser. They don't redirect a failed domain lookup to > some other domain. There is no such thing as a "failed lookup on an HTTP request". HTTP does not do DNS, DNS does. So what happens is - Person attempts to access site www.doesnotexist.tld - Browser initiates connection to site www.doesnotexist.tld - Stub resolver (on the PC) attempts to resolve address of site www.doesnotexist.tld - Local resolver (telstra) resolves address of site www.doesnotexist.tld and finds doesnotexist.tld does not exist - Local resolver (telstra) synthesises answer by giving address of site www.spoofed.tld in place of www.doesnotexist.tld - Stub resolver gets reply with address of www.spoofed.tld - Browser connects to address of www.spoofed.tld - Person ends up on www.spoofed.tld The DNS lookup does not contain any information on what protocol it is doing the lookup for. It could possibly be inferred by looking for www at the front of the host being looked up, but that is all, and I doubt very much that is happening. The HTTP request does not get onto the wire until well after the DNS request is dealt with. kind regards Jay -- Jay Daley Chief Executive .nz Registry Services desk: +64 4 931 6977 mobile: +64 21 678840Received on Thu Nov 19 2009 - 18:23:04 UTC
This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:10 UTC