Re: Blocking International DNS

[John Levine <johnl () iecc com>]

> the more i think about this, the more i am inclined to consider a second
> trusted root not (easily) attackable by the usg, who owns the root now,

This particular domain grab had nothing to do with the root or ICANN.
If you look at the name servers and WHOIS of the domains that were
seized, you can easily see that the USG served papers on Verisign, who
did what the papers told them to, because they're the .COM registry.

Anyone who registers a .COM really shouldn't be surprised to find out
that Verisign is headquartered in California, and is 100% subject to
US law, not to mention still having a side agreement with DoC about
.COM due to its history.

For several decades the USG has made it crystal clear that they do
not mess with ccTLDs, not even ones for countries they don't like
such as .CU and .IR.  If you want a USG-proof domain, use a ccTLD.

I am somewhat more concerned about the possiblity that the government
would have a mandatory do-not-resolve list for networks in the US.
That would be unlikely to stand up in court, viz. the quick failure
of the Pennsylvania child porn IP blacklist, but the process would
be painful while it unfolded.

Regards,
John Levine, johnl () iecc com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. http://jl.ly