nanog mailing list archives

Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.)

From: Masataka Ohta <mohta () necom830 hpcl titech ac jp>
Date: Wed, 11 May 2022 21:31:56 +0900

As I wrote:

But some spam actors
deliberately compared zone file editions to single out additions, and
then harass the owners of newly registered domains, both by e-mail and
phone.


If that is a serious concern, stop whois.


There are various ways, such as crawling the web, to enumerate
domain names.

For example, large companies such as google can obtain enumerated
list of all the current most active domains in the world, which
can, then, be used to access whois.

Hiding DNS zone information from public is beneficial to powerful
entities such as google.

As such

A wrench can be a tool or a weapon, depending on how one uses it.


The wrench is whois.


However, something like trust banks may be able to hide
privacy of domain name owners if such entities can be regulated
properly for people who want some privacy.

                             Masataka Ohta

Current thread:

Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.), (continued)
- - - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Mel Beckman (May 07)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Mel Beckman (May 07)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Ray Bellis (May 07)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John Levine (May 08)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Ray Bellis (May 08)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John McCormac (May 08)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John Levine (May 09)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Rubens Kuhl (May 09)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John Levine (May 09)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Masataka Ohta (May 10)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Masataka Ohta (May 11)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John McCormac (May 11)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Masataka Ohta (May 12)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) John McCormac (May 12)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Max Tulyev (May 24)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) David Conrad (May 24)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Rubens Kuhl (May 08)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Masataka Ohta (May 09)
  - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Warren Kumari (May 08)
    - Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Daniel Suchy via NANOG (May 08)
- Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.) Matt Corallo (May 11)