nanog mailing list archives
RE: DNSSEC and ISPs faking DNS responses
From: <eric-list () truenet com>
Date: Fri, 13 Nov 2015 13:12:24 -0500
Actually, how are other places implementing these lists? I would have thought to use RPZ, but as far as I know if the blocked DNS domain is using DNSSEC it wouldn't work. Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300 F: 610-429-3222 -----Original Message----- From: NANOG [mailto:nanog-bounces () nanog org] On Behalf Of John R. Levine Sent: Friday, November 13, 2015 12:33 PM To: Owen DeLong Cc: nanog () nanog org Subject: Re: DNSSEC and ISPs faking DNS responses I doubt the ISPs in Québec would have much sympathy for this proposed law. It makes their life harder and provides them no benefit. Should it pass (remember, it's just proposed), I expect they'd just adjust their DNS caches to block responses for the list of domains that the government mails them and claim they're in full compliance. R's, John
Current thread:
- Re: DNSSEC and ISPs faking DNS responses, (continued)
- Re: DNSSEC and ISPs faking DNS responses Roland Dobbins (Nov 14)
- Re: DNSSEC and ISPs faking DNS responses Stephane Bortzmeyer (Nov 14)
- Re: DNSSEC and ISPs faking DNS responses Baldur Norddahl (Nov 14)
- Re: DNSSEC and ISPs faking DNS responses John Levine (Nov 14)
- Re: DNSSEC and ISPs faking DNS responses Alejandro Acosta (Nov 12)
- Re: DNSSEC and ISPs faking DNS responses Owen DeLong (Nov 12)
- Re: DNSSEC and ISPs faking DNS responses John Levine (Nov 12)
- Re: DNSSEC and ISPs faking DNS responses Owen DeLong (Nov 13)
- Re: DNSSEC and ISPs faking DNS responses John R. Levine (Nov 13)
- RE: DNSSEC and ISPs faking DNS responses eric-list (Nov 13)
- RE: DNSSEC and ISPs faking DNS responses Tony Finch (Nov 16)