> > If all else fails, I could probably ask the Foundation if they would be > OK to hold those domains -- although at this point they don't have (yet) > a resource to actively exploit data coming from it. > This sounds like a reasonable step. At least we could actively prevent someone else from doing bad things with this. Notification to misconfigured clouds would, of course, be nice... but just stopping the exploit path is a big win. Probably worthwhile to pick up a few other related TLDs at the same time. -bryan -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20140103/e17b6955/attachment.html>