On Fri, Nov 28, 2014 at 08:01:37PM -0500, John R Levine wrote: > > I think we're conflating a bunch of different things here.
Well, one of us is ;-) > Some networks force all port 53 traffic through their own DNS caches. That's > clearly non-consensual (give or take the option to use a different network), > but the networks that do that are all over the place in what rewriting they > do. Yes. If they don't do any rewriting, then they're not doing policy. If they do a little bit (maybe at the beginning, like a captive portal), then they're _still_ implementing policy and non-consensual, but they might shift mode after. > My ISP (Time-Warner) has a DNS cache that usually rewrites NXDOMAIN to an A > record for their search page, but each user can go to a settings page and > say they want the real answers. In that case, the user shifts modes. And if you use the policy-implementing resolver, then it's consensual: you selected it. Best regards, A -- Andrew Sullivan a...@anvilwalrusden.com _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
