On Thu, Feb 26, 2015 at 6:35 AM, Neil Cook <[email protected]> wrote:
I think we are actually in violent agreement here. > On 23 Feb 2015, at 14:20, Phillip Hallam-Baker <[email protected]> > wrote: > > > > Busting the DNS middleboxen provided by ISPs to residential users is a > very different matter. They are selling Internet connectivity and their > customer has a right to get what they paid for, not a walled garden > controlled by the ISP. But in practice it isn't the walled gardens that are > the problem so much as clueless gateways that the ISPs often don't even > know are doing DNS interception. > > > > > Whilst I don’t deny that ISPs are using middelboxes for things like > advertising etc, it should also be pointed out that many ISPs are concerned > about security, and may be using middleboxes to protect users from things > like hijacking, detecting C&C in the DNS stream, detecting lookups to known > phishing/malware sites etc. > Comodo provides that type of service. As I said, the fact that a crook has bought a DNS domain name does not mean I have to allow my computers to connect to it. A lot of folk who can't understand why DNSSEC take up at the client has been limited need to understand such things. The question is who chooses the filtering service. I do not have much of a choice in ISPs. I do not want either to be able to filter my content without being accountable for their actions to me. Assuming what users want or saying that they aren’t getting what they paid > for is quite dangerous IMO. For example, many users sign up to third-party > DNS services like OpenDNS, because they effectively *are* are a walled > garden, or they may choose an ISP because it filters adult sites using DNS > (such as happens here in the UK). We should certainly provide a mechanism that allows consumers to opt back in to such services or to obtain them from a different provider OF THEIR CHOICE. Opting out from David Cameron's smut filter is another objective here. Back when we were at Oxford together, David's idea of a good time was to go out and smash up a restaurant. I don't think he is the sort of person I want to decide that I have to have censorship because the Daily hate wrote a couple of their scare stories.
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
