[dns-operations] Can Root DNS server modify the response?

Frank Habicht geier at geier.ne.tz
Tue Mar 26 18:21:12 UTC 2019


On 26/03/2019 18:18, David Conrad wrote:
> On Mar 26, 2019, at 2:36 AM, Jeroen Massar <jeroen at massar.ch
>> Noting that Mozilla with their firefox is clearly steering towards
>> DoH, "as ISPs are not to be trusted" 
> AFAIK, Cloudflare hasn’t mucked with responses. Some ISPs have. Ergo...

Hmmm. I object to the "Ergo..."

The fact that CF hasn't mucked does _not_ make them better than $my_isp. [1]

It also doesn't make CF better than $my_isp resolver for my family who
might not be following this mailing list.

So if Mozilla still intend to change default behaviour without informing
every user, despite better local alternatives (with a party you can hold
accountable, and question about further information use) then ...
[to make it clear: I don't consider that an improvement]


PS: regarding motivations: I guess CF is not in the mucking business,
more in the collecting area, while some ISPs might get more
(short-term?) gain from mucking.

[1] I know for sure, because I happen to have enable at $my_isp to both
$dns_infra and $forwarding_infra

$my_isp resolver: 1-2ms 48ms
(the other 2 quads): better than

More information about the dns-operations mailing list