Thread:Comments:ICANN approves .xxx domain for pornography/.xxx is a really dumb idea... but not for the reasons given/reply (2)

They won't though. The reasons explained in RFC 3675 are still valid today. Either the filtering will be completely ineffective or it may actually allow one to confuse filtering software by creating phony A records. If filtering software just filters requests to .xxx domains, it is trivially easy to retrieve the IP address of the server from a third-party source and send a request that way, ignoring the DNS altogether. This is why when Wikileaks lost their domain, you could still access it using their IP address.

If it filters by IP and just uses the .xxx zone files to know where to find 'naughty' IPs, then there is a trivial attack one can do: you register a .xxx domain and point it to a third-party site you want to get filtered even though it isn't pornography. Someone will do this and a legitimate site like, I dunno, wikipedia.org or whitehouse.gov will become inaccessible because someone has pointed an unrelated .xxx domain at it.

Trust me, the more you think about .xxx, the sillier it gets. I've been thinking about it since it was first mooted and it really is ridiculous.