[dns-operations] charter, sitefinder, opendns (slashdot today)

Bruce Campbell bc-dns at vicious.dropbear.id.au
Fri Feb 16 07:50:44 UTC 2007

>>> If you need a tunnel for DNS, you need a tunnel for everything else.

Meh.  Most protocols have the option of TLS being bolted on; once you know 
where you need to talk to, you can talk to it securely.

But, since DNSSEC has another '6 months' before being deployed where it 
matters to most of the DNS transactions, we're stuck with red-necks waving 
their big scatterguns in the general direction of our feet in the name of 
ensuring accurate lookups.  Vixie-Bob's strawman of DNS-in-HTTPS is just 
the latest[1].

Most internet users do not have the option of being able to selectively 
customise their internet experience as most of us learned folk do, and 
must make do with whatever their Internet Service 'provides' them with. 
And the money for the ISPs, sadly, is in twisting various protocols in 
ways that aren't quite right.

Stop the madness; get some zones signed that actually matter.


[1] Sheesh people, April is still a few months away.

More information about the dns-operations mailing list