|This is of course the correct way to implement an "intranet zone". |It has, however, one serious drawback: you have to configure it. |Consumer product manufacturers like Microsoft want their product |to work as much "out of the box" as possible. Since there is no intranet for most consumers this seems like largely a non-issue. Those with intranets in their home probably know enough to configure it properly. And businesses should have IT departments whose job it is to manage it. So what's the problem? |It doesn't even work with the default configuration of Windows, |because the basic assumption that every host with an FQDN in the |same DNS domain as the client is also in the intranet zone is |flawed. There are perfectly legitimate configurations where this |is not the case. Not only legitimate, but increasingly common. Cable modem customers, for instance, tend to have their entire region in the same "intranet": eg customer.ne.mediaone.net. I assure you that you don't want to treat the entire northeast region of MediaOne customers as trusted in any way, shape, or form. jim
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:38:32 PDT