nanog mailing list archives
Re: On-going Internet Emergency and Domain Names
From: Roland Dobbins <rdobbins () cisco com>
Date: Sat, 31 Mar 2007 09:44:59 -0700
On Mar 31, 2007, at 9:20 AM, Paul Vixie wrote:
fundamentally, this isn't a dns technical problem, and using dns technology to solve it will either not work or set a dangerous precedent. and sincethe data is authentic, some day, dnssec will make this kind of poison impossible.
Some SPs are doing DNS manipulation/poisoning now for various reasons, with varying degrees of utility/annoyance. If those SPs choose to manipulate their own DNS in a way which affects their own users, that's fine; if the users don't like it, they can to elsewhere. Some enterprises are doing the same kinds of things, with the same options available to the user population (though not always quite as easy to 'go elsewhere', heh).
What SPs or enterprises choose to do for/to their own user bases is between them and their users. When we start talking about involving registries, etc., that's when we've clearly jumped the shark.
There is no 'emergency', any more than there was an 'emergency' last week or the week before or the month before that - after a while, a state of 'emergency' becomes the norm, and thus the bar is raised. It's merely business as usual, and no extraordinary measures are required. Yes, there are ongoing, long-term problems, but they need rationally-thought-out, long-term solutions.
'Think globally, act locally' seems a good principle to keep in mind, along with 'Be liberal in what you accept, and conservative in what you send'. Much unnecessary grief and gnashing of teeth would be avoided if folks worries about what was going on in their own networks vs. grandiose, 'fix-the-Internet'-type 'solutions' (the appeal of the latter is that it requires no actual useful effort or sacrifice on one's own part, merely heated rhetoric and a pointed finger, which appeals to some of the least attractive aspects of human nature).
-----------------------------------------------------------------------
Roland Dobbins <rdobbins () cisco com> // 408.527.6376 voice
Words that come from a machine have no soul.
-- Duong Van Ngo
Current thread:
- Re: On-going Internet Emergency and Domain Names, (continued)
- Re: On-going Internet Emergency and Domain Names Stephen Satchell (Mar 31)
- Re: On-going Internet Emergency and Domain Names Gadi Evron (Mar 31)
- Re: On-going Internet Emergency and Domain Names Adrian Chadd (Mar 31)
- Re: On-going Internet Emergency and Domain Names Gadi Evron (Mar 31)
- Re: On-going Internet Emergency and Domain Names Adrian Chadd (Mar 31)
- Re: On-going Internet Emergency and Domain Names Petri Helenius (Mar 31)
- Re: On-going Internet Emergency and Domain Names Gadi Evron (Mar 31)
- RE: On-going Internet Emergency and Domain Names michael.dillon (Mar 31)
- Re: On-going Internet Emergency and Domain Names Hank Nussbacher (Mar 31)
- Re: On-going Internet Emergency and Domain Names Paul Vixie (Mar 31)
- Re: On-going Internet Emergency and Domain Names Roland Dobbins (Mar 31)
- Re: On-going Internet Emergency and Domain Names Gadi Evron (Mar 31)
- Re: On-going Internet Emergency and Domain Names Florian Weimer (Mar 31)
- redirect (Re: On-going Internet Emergency and Domain Names ) Paul Vixie (Mar 31)
- Re: On-going Internet Emergency and Domain Names Gadi Evron (Mar 31)
- Re: On-going Internet Emergency and Domain Names Paul Vixie (Mar 31)
- Re: On-going Internet Emergency and Domain Names Matt Ghali (Mar 31)
- Re: On-going Internet Emergency and Domain Names Gadi Evron (Mar 31)
- Re: On-going Internet Emergency and Domain Names Jon R. Kibler (Mar 31)