[dns-operations] charter, sitefinder, opendns (slashdot today)

Paul Vixie paul at vix.com
Thu Feb 15 22:26:07 UTC 2007

> Besides the performance implications, there are a -lot- of security 
> implications, too.  Now, it's certainly possible to argue that censorship 
> is the ultimate security problem, but there are already ways to route 
> around (pardon the pun) that sort of thing using VPN/tunneling 
> technologies which can be obfuscated to one degree or another.

no isp can afford to meddle in the affairs of tcp/443, simply because it
could be somebody hitting the BUY button inside Yahoo Store.  this makes
dns-over-https a safe alternative, and less stateful than a VPN, so more
likely to be widely deployed by an audience like opendns's.

the fact that it's bad technology won't stop it.

More information about the dns-operations mailing list