This page contains all of the posts and discussion on MemeStreams referencing the following web page: Internet Architecture Board - Architectural Concerns on the use of DNS Wildcards.

Internet Architecture Board - Architectural Concerns on the use of DNS Wildcards
by Rattle at 9:07 pm EDT, Sep 20, 2003

] This document contains a number of observations on
] the implications of the use of wildcards in DNS zones,
] and makes some recommendations concerning their use.

] The Robustness principle tells us that in some (not all) of
] the problems detailed above, both parties could be
] construed as being at fault. In some cases this is hardly
] surprising: spam filtering in particular, by its nature,
] tends to be extremely ad hoc and somewhat fragile.
] No doubt there are lessons here for all parties involved.

] The Principle of Least Astonishment suggests that the
] deployment of wildcards was disastrous for the users.
] It had widesweeping effects on other users of the
] Internet far beyond those enumerated by the zone
] operator, created several brand new problems, and
] caused other internet entities to make hasty, possibly
] mutually incompatible and possibly deleterious (to
] the internet as a whole) changes to their own
] operations in an attempt to react to the change.

] Proposed guideline: If you want to use wildcards in your
] zone and understand the risks, go ahead, but only do so
] with the informed consent of the entities that are delegated within your zone.

Internet Architecture Board tells Verisign no...
by Decius at 9:36 pm EDT, Sep 20, 2003

] In particular, we recommend that DNS wildcards should not
] be used in a zone unless the zone operator has a clear
] understanding of the risks, and that they should not be
] used without the informed consent of those entities which
] have been delegated below the zone.

