[dns-operations] If I were the suspicious type.... (was: DNS Amplification Attacks)

John Palmer (NANOG Acct) nanog at adns.net
Wed Mar 22 23:40:32 UTC 2006

If I were the suspicious kind, I would think that maybe this is being
used as a way to stop the seemingly unstoppable Inclusive Namespace

One of the things that make it work is the ability to allow internet 
users to route around a stubborn ISP. Your ISP doesn't support
Public-Root or UnifiedRoot or ORSC? - Well all of those organizations
have a dozen or so each of public resolvers.

If, and only if, I were the suspicious type, I may think that the old guard
that supports ICANN (ISC and its ilk) may be seeing this as an 
opportunity. Make a big stink about this socalled "security problem"
and then advise ISPs to block outbound port 53, thereby denying 
their users a choice of DNS providers. 

On the other hand, there may be a real risk here. We shall see.

More information about the dns-operations mailing list