[dns-operations] Too Open (Was: OpenDNS makes your Internet work better

Paul Vixie paul at vix.com
Tue Jul 11 17:43:45 UTC 2006

> ...  In fact, I can't imagine a reason why you wouldn't use OpenDNS.  ...

i'll provide four, off the top of my head.

1. because i use the for things other than web surfing.
2. because i need a reliable source of NXDOMAIN data.
3. because i want to keep DNS open to non-web applications.
4. because i don't want any central authority to see what Q's i'm asking.

i realize that #1 and #2 marginalize me compared to the unwashed masses
who think that the web is the internet or vice-versa, and just want their
porn and their myspace and so on.

i realize that #4 also marginalizes me compared to the folks who use google
directly rather than sending their queries through proxies.  you folks also
probably use a frequent-buyer card at your supermarket, rather than using
the phone numbers of random people to confuse the market research people.

but i do not think #3 marginalizes me at all.  i am surprised to see smart
ethical folks who ordinarily see all the way to, and often beyond, the
horizon, launch a service which depends for its revenue on a <cause,effect>
tuple which will discourage new non-web services from using DNS.

typosquatting is bad for the community, and it doesn't matter whether it's
done with actual NS RRs, or things like TLD wildcards (a la sitefinder) or
in the recursive resolvers (like many ISP's now do, and now opendns does.)

that having been said, if typosquatting is going to be done, opendns is the
best way to do it among the ways i've seen.  kudos to davidu and his team
for the quality of their implementation and the openness of their launch.

More information about the dns-operations mailing list