On 03/28/2013 04:53 PM, Paul Hartman wrote: > On Thu, Mar 28, 2013 at 3:02 PM, Alan McKinnon <alan.mckin...@gmail.com> > wrote: >>>> Or just use the ISP's DNS caches. In the vast majority of cases, the ISP >>>> knows how to do it right and the user does not. >>> >>> Generally true, though I've known people to choose not to use ISP caches >>> owing to the ISP's implementation of things like '*' records, ISPs >>> applying safety filters against some hostnames, and concerns about the >>> persistence of ISP request logs. >> >> I get a few of those too every now and again. I know for sure in my case >> their fears are unfounded, but can't prove it. Those few (and they are >> few) can go ahead and deploy their own cache. I can't stop them, they >> are free to do it, they are also free to ignore my advice of they choose. > > In my case, my ISP's DNS servers are slow (several seconds to reply), > fail randomly when they should resolve, return an IP (which goes to > their ad-laden "helper" website if you are using a web browser) when > they should instead return nxdomain, and they have openly admitted to > selling customer DNS lookup history to marketers for targeted > advertising.
Wow. That's...all the fail. > > Thanks for being one of the good guys. :) > Indeed.
signature.asc
Description: OpenPGP digital signature
