A far better "solution" would be to instead segregate with different DNS server IPs.
ISPs already have multiple DNS resolvers (eg, "no wildcarding" resolvers, DNSSEC test resolvers). And the ISP knows if its giving out a v6 address or not for a client and routing IPv6 for that client. And even then, I really wonder about the benefit. I also object somewhat to the claim that you can't necessarily diagnose the cause. With a combination of Java and JavaScript, plus user-agent examining, you probably can to a great degree, especially if you can convince the user to say "OK" to the signed applet. But even without that, I'd suspect that with only a few root causes you could build a nice auto-diagnoser. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
