Christian Huitema wrote on 2019-03-10 23:05:
On 3/10/2019 10:24 PM, Paul Vixie wrote:
if you are using my network, then it makes no difference which of us
bought you that laptop. you will use the RDNS i allow you to use. RDNS
is part of the control plane, and i use it for both monitoring and
control. sometimes that's so that i can see malware beacon to its C&C.
sometimes that's so that i can institute parental controls.
if you don't like my rules, you should vote with your feet, and not
visit me. because that is the only choice you will have. (yes, i will
be part of a major new project to identify and block all DoH services,
so that behavioural security policies can still work, because you may
have noticed that the internet has never become MORE secure from new
tech, but it occasionally becomes LESS secure more slowly because of
policy.)
"Use a VPN, or use the local defaults".
that is not what i said.
Well, there are plenty of
in-between.
yes, and i gave examples.
see above.
You claim the right to impose your rules, because it is "your network".
Yet you have to define ownership. You are providing network services
under some contractual terms. There are cases where an imperial network
can dictate those terms, but there are also many cases in which the
contractual power of the network is limited -- thinks like fair access,
network neutrality, etc. Just claiming an empire does not automatically
make you the emperor.
my network, my rules. your provider's network, their rules. they are
more likely to have to follow their government's laws of commerce and
privacy than i am likely to have to follow mine. but if the rules your
network operator can make allow you to do what you want, use that
network. that's invariant, for all networks, and for all instances of you.
--
P Vixie
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop