[dns-operations] If I were the suspicioustype....(was:DNSAmplification Attacks)

Per Heldal heldal at eml.cc
Fri Mar 24 01:06:23 UTC 2006

On Thu, 23 Mar 2006 18:05:28 -0600, "John Palmer (NANOG Acct)"
<nanog at adns.net> said:
> You  need one if your ISP doesn't provide a resolver that
> uses and alternate root. That is, unless you run your own
> resolver locally on your machine and give it an INS root
> hint file.

If there is consensus that resolvers are to be considered private
resources you should provide access to such as just that. I.e. provide
remote users with a VPN-service.

> Most people don't do that, Stephane. I stand by
> my statement - most users will need to use an ORN

Most users wouldn't know what you're talking about. How many users
outside the tech community use anything else than what their provider
tells them, or even know or care? 

> Show how they could otherwise do it.

As stated above. Private resources are accessed through private
networks.  Or in this case: alt-root operators can provide their users
with the knowledge and softare neccessary to run their own private
resolver ;)

  Per Heldal

More information about the dns-operations mailing list