[119199] in North American Network Operators' Group
Re: What DNS Is Not
daemon@ATHENA.MIT.EDU (David Ulevitch)
Mon Nov 9 18:16:45 2009
Date: Mon, 09 Nov 2009 18:15:09 -0500
From: David Ulevitch <davidu@everydns.net>
To: Alex Balashov <abalashov@evaristesys.com>
In-Reply-To: <4AF8A090.9050201@evaristesys.com>
Cc: nanog@merit.edu
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 11/9/09 6:06 PM, Alex Balashov wrote:
> Anything else is COMPLETELY UNACCEPTABLE. I don't understand how or why
> this could possibly be controversial.
Because some people want the ability and choice to block DNS responses
they don't like; just as they have the ability and choice to reject
email they don't want to accept.
When the conficker worms phones home to one of the 50,000 potential
domains names it computes each day, there are a lot of IT folks out
there that wish their local resolver would simply reject those DNS
requests so that infected machines in their network fail to phone home.
To use your language, I don't understand how or why this could possibly
be controversial. -- Apparently it is.
-David
