Verisign bogosity {Scanned by HJMS}
John Rudd
jrudd at UCSC.EDU
Tue Sep 16 18:32:16 IST 2003
On Tuesday, Sep 16, 2003, at 09:59 US/Pacific, Furnish, Trever G wrote:
>
> Which will just lead to a battle with verisign as they begin to rotate
> their
> addresses - it won't solve the problem.
>
It does become yet another game of whack-a-mole, yes. And I don't know
if those patches are set up to be configurable (ie. as verisign rotates
addresses, how hard is it to add them to a config file? or do you have
to recompile?). It may even come down to a new DNSBL that is based
around tracking verisign's stupidity.
The actual solution would probably have to involve trying to put
verisign out of business (or trying hard enough that it causes verisign
to have to adjust their business practices). I know of people who are
dumping their stock at verisign and sending them "we will not renew our
certs with you" letters. I also know of people who are sending letters
to ICANN.
I'm personally not sure which avenue I'll take. I'm just providing
information about some of the solutions so that other people can choose
their own paths as well.
More information about the MailScanner
mailing list