[dns-operations] charter, sitefinder, opendns (slashdot today)

Duane Wessels wessels at packet-pushers.com
Thu Feb 15 20:14:50 UTC 2007

On Thu, 15 Feb 2007, Paul Vixie said:

> yes.  which is why i'm trying to get mark kosters to dust off his plan for
> carrying DNS messages inside HTML.  udp/53 and tcp/53 are just transports;

Seems like a step sideways to me.  Charter probably already has
HTTP interceptors in place, so they could just as easily block DNS
over HTTP.

> a dns server like BIND could also listen on tcp/80, and if a schema were
> well defined and standardized, then folks like opendns could use it.  then
> we'll see tcp/443 (https) in order to force isp's to keep their hands off.

Maybe we should wish for DNS over SSL/TLS (dnss?) and skip the HTTP
part.  But I doubt guys like OpenDNS would be eager to do the SSL
handshakes with all their clients either way.

>> As I mentioned above, how long until Charter's OpenDNS users are forced
>> back to the local cache based on port 53 queries.

How long until domain/content owners realize that it's better
to have a wildcard than to return NXdomain?


