[NCAP-Discuss] Update on wpad.domain.name
Thomas, Matthew
mthomas at verisign.com
Wed Feb 16 14:33:46 UTC 2022
NCAP DG,
I would like to provide a brief update on wpad.domain.name.
Immediately after the ‘wpad.domain.name’ security threat was discovered in 2017, Verisign contacted D-Link[1] about their suffix search list misconfiguration and we have subsequently contacted them again. Verisign recently received a response from D-Link stating the effected devices are now deemed the End-of-Life/End-of-Service [2]. Verisign also contacted the registrar of record to enquire about its use. The registrar acknowledged the security threat WPAD poses, and they placed the domain on clientHold, which prevents the domain to resolve.
Matt Thomas
Verisign
[1] http://mm.icann.org/pipermail/gnso-newgtld-wg-wt4/2017-October/000187.html
[2] https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10268
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/pipermail/ncap-discuss/attachments/20220216/3b6969af/attachment.html>
More information about the NCAP-Discuss
mailing list