On 11/5/13, 11:01 PM, "Mark Andrews" <ma...@isc.org> wrote:
>In message <20131106033003.gb6...@dyn.com>, Andrew Sullivan writes: >> On Tue, Nov 05, 2013 at 07:57:59PM -0500, Phil Bedard wrote: >> > >> > I think every major residential ISP in the US has been doing this for >>5+ >> > years now. >> >> Comcast doesn't, because it breaks DNSSEC. > >Only if you are validating. Exactly. And this was one of the central arguments that helped defeat the DNS redirection portions of SOPA/PIPA/ProtectIP/COICA. Jason
