Livingood, Jason wrote: >> TLDs, including your own zones. This is indeed not just Site Finder >> all over again - it's far worse, and breaks far more applications than >> Site Finder did. > > Please do send me that list of applications. I would very much like to > describe these use cases in the next version of the draft.
Please list "The Internet" as one of them, it kinda encompasses a lot of others too. I am *VERY* happy that DNSSEC is moving along perfectly fine which will kill any kind of changing DNS results. Just a little example that even clued operators(*) get it wrong: https://lists.dns-oarc.net/pipermail/dns-operations/2009-July/004217.html Btw it also does it for IPv4 IPs: $ dig +short @208.67.220.220 127.0.0.1 67.215.65.132 $ dig +short @208.67.220.220 1.2.3.4 67.215.65.132 For that matter when the Internet in general gets too filtered by the ISPs in the middle, people will start using other methods. Crypting&signing data to avoid modification will be the first steps. Those kind of applications, like BitTorrent which is a great example will rise outside of any IETF and get deployed and there is nothing that an ISP will be able to do about it unless they wall-garden the whole thing to just allow direct talking to specific servers and nothing else, but that won't be the Internet anymore of course.... Greets, Jeroen * = IMHO OpenDNS folks are doing a good job and they definitely know about the technical problems/challenges involved in the service they are providing, but they, like everybody else, are simply unable to catch all problems and foresee how applications (mis)use the DNS.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop