[whatwg] Dealing with UI redress vulnerabilities inherent to the current web
Elliotte Harold
elharo at metalab.unc.edu
Tue Sep 30 08:02:58 PDT 2008
Kristof Zelechovski wrote:
> If you set up a mirror with the same host name as the content provider has,
> you will probably get sued for identity theft, cybersquatting, forgery or
> whatever.
>
No, only the content provider (really the domain name owner) can set up
these mirrors. This is nothing new. This is how the web and DNS work
*today*. Many high volume sites such as www.google.com, www.amazon.com,
www.nytimes.com, and so forth--send you to different physical boxes
depending on where you're connecting from. These boxes are usually
chosen to be close to the end user. For instance, a reader on the east
Coast might get www.nytimes.com in New York but one on the West Coast
might get a box in Los Angeles. A reader in Japan might get a box in
Japan. (I don't know if this is actually how the NYT seets up its
servers or not. Some tracerouting from different locations might find
out quickly.)
Large content providers already move their content closer to the end
user. They do this by physically locating boxes with the same host name
and fancy DNS and router tricks. The details are complex, which is why
CCNAs get the big bucks. But they do not do this by linking to 3rd party
content.
--
Elliotte Rusty Harold elharo at metalab.unc.edu
Refactoring HTML Just Published!
http://www.amazon.com/exec/obidos/ISBN=0321503635/ref=nosim/cafeaulaitA
More information about the whatwg
mailing list