[dns-operations] Where to find "DNS resolution path corruption"?

Stephane Bortzmeyer bortzmeyer at nic.fr
Wed Feb 20 09:30:02 UTC 2008

On Tue, Feb 19, 2008 at 07:56:18PM -0500,
 David Dagon <dagon at cc.gatech.edu> wrote 
 a message of 70 lines which said:

> Your list of dumb DNS things

BTW, ISP are not dumb. They will probably (unfortunately) block port
53 outbound, not because they are dumb but because there is money to
make (by mangling the DNS answers) and because the MAAWG ideology
"Users should shut up, we know better than they do" dominates
them. They typically see the "end to end principle" as an annoyance.

>   opt-out: In the worst case, notification and consent may be
>   obtained by the user continuing to pay their cable bill.  Here,
>   perhaps the industry group can define best practices.

This certainly should not be defined by the ISP themselves, in the
same way that safety regulations for food or drugs are not set by
Coca-Cola or Pfizer. This is a consumer protection or consumer rights
issue. (A mild regulation could be to ask every provider to *document*
such limitations in the spirit of RFC 4084.)

More information about the dns-operations mailing list