On Tue, Jul 14, 2009 at 11:26:42PM +0200, Stephane Bortzmeyer wrote: > DNS lying resolvers are not a solution to an actual problem > (otherwise, doing it as an opt-in service would be sufficient).
I cannot agree, as much as I would like to. If there weren't an "actual problem" here to be solved, nobody would be trying to do it. Just because I don't think typos in DNS names are hard to fix does not mean that there isn't a service there some people like (I have no idea whether they actually like it; I have seen zero studies of actual user impressions of these things). Just because I know how to avoid going to phishing and malware sites does not mean it is within the competence of the average user. And just because I think the cost of running a DNS server that generates no revenue is "just the cost of doing business" does not mean that the CFO of my favourite ISP agrees. Dismissing the things that people are actually doing on the network as solutions to non-problems is, I say, _exactly_ how we got to the point where NATs are used even when they're not needed, how we got firewalls that refuse to allow TCP over port 53, and so on. We can either listen to those who are proposing to do things, and try to come up with ways to limit the harm while pointing out the harm that is thereby done, or we can stamp our little feet and insist that they run their networks by our rules. I have little faith that path 2 will work. A -- Andrew Sullivan a...@shinkuro.com Shinkuro, Inc. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
