nanog mailing list archives
Re: Yet another Quadruple DNS?
From: Bill Woodcock <woody () pch net>
Date: Thu, 29 Mar 2018 08:29:57 -0700
\On Mar 29, 2018, at 7:27 AM, Brian Kantor <Brian () ampr org> wrote: On Thu, Mar 29, 2018 at 09:08:38AM -0500, Chris Adams wrote:I've never really understood this - if you don't trust your ISP's DNS, why would you trust them not to transparently intercept any well-known third-party DNS?Of course they could. But it's testable; experiments show that they aren't doing so currently.
Experiments may show that in some tested cases they aren’t, but in the big picture, yes, there are ISPs who are internally capturing 8.8.8.8, and who try to do the same with 9.9.9.9. Which is why it’s so important to do cryptographic validation of the server and encryption of the transport, as well as DNSSEC validation. -Bill
Attachment:
signature.asc
Description: Message signed with OpenPGP
Current thread:
- Re: Yet another Quadruple DNS?, (continued)
- Re: Yet another Quadruple DNS? Mike Hammett (Mar 29)
- Re: Yet another Quadruple DNS? Stephane Bortzmeyer (Mar 29)
- Re: Yet another Quadruple DNS? DaKnOb (Mar 29)
- Re: Yet another Quadruple DNS? Chip Marshall (Mar 29)
- Re: Yet another Quadruple DNS? Doug Clements (Mar 29)
- Re: Yet another Quadruple DNS? Izaac (Mar 29)
- Re: Yet another Quadruple DNS? John Kinsella (Mar 29)
- Re: Yet another Quadruple DNS? Brian Kantor (Mar 29)
- Re: Yet another Quadruple DNS? Chris Adams (Mar 29)
- Re: Yet another Quadruple DNS? Brian Kantor (Mar 29)
- Re: Yet another Quadruple DNS? Bill Woodcock (Mar 29)
- Re: Yet another Quadruple DNS? Michael Crapse (Mar 29)
- Re: Yet another Quadruple DNS? Alan Buxey (Mar 29)
- Re: Yet another Quadruple DNS? Stephane Bortzmeyer (Mar 30)
- Re: Yet another Quadruple DNS? Jimmy Hess (Mar 29)
- Re: Yet another Quadruple DNS? Stephane Bortzmeyer (Mar 29)
- Re: Yet another Quadruple DNS? Baldur Norddahl (Mar 29)
- Re: Yet another Quadruple DNS? Ken Chase (Mar 29)
- Re: Yet another Quadruple DNS? Stephen Satchell (Mar 29)
- Re: Yet another Quadruple DNS? joel jaeggli (Mar 29)
- Re: Yet another Quadruple DNS? Christopher Morrow (Mar 30)