[dns-operations] charter, sitefinder, opendns (slashdot today)
Bruce Campbell
bc-dns at vicious.dropbear.id.au
Fri Feb 16 07:50:44 UTC 2007
>>> If you need a tunnel for DNS, you need a tunnel for everything else.
Meh. Most protocols have the option of TLS being bolted on; once you know
where you need to talk to, you can talk to it securely.
But, since DNSSEC has another '6 months' before being deployed where it
matters to most of the DNS transactions, we're stuck with red-necks waving
their big scatterguns in the general direction of our feet in the name of
ensuring accurate lookups. Vixie-Bob's strawman of DNS-in-HTTPS is just
the latest[1].
Most internet users do not have the option of being able to selectively
customise their internet experience as most of us learned folk do, and
must make do with whatever their Internet Service 'provides' them with.
And the money for the ISPs, sadly, is in twisting various protocols in
ways that aren't quite right.
Stop the madness; get some zones signed that actually matter.
--
Bruce.
[1] Sheesh people, April is still a few months away.
More information about the dns-operations
mailing list