[119228] in North American Network Operators' Group
Re: What DNS Is Not
daemon@ATHENA.MIT.EDU (John Peach)
Tue Nov 10 08:06:37 2009
Date: Tue, 10 Nov 2009 08:05:39 -0500
From: John Peach <john-nanog@johnpeach.com>
In-reply-to: <4AF8A27D.2080405@everydns.net>
To: nanog@nanog.org
Reply-To: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mon, 09 Nov 2009 18:15:09 -0500
David Ulevitch <davidu@everydns.net> wrote:
> On 11/9/09 6:06 PM, Alex Balashov wrote:
>
> > Anything else is COMPLETELY UNACCEPTABLE. I don't understand how or
> > why this could possibly be controversial.
>
> Because some people want the ability and choice to block DNS
> responses they don't like; just as they have the ability and choice
> to reject email they don't want to accept.
>
> When the conficker worms phones home to one of the 50,000 potential
> domains names it computes each day, there are a lot of IT folks out
> there that wish their local resolver would simply reject those DNS
> requests so that infected machines in their network fail to phone
> home.
>
> To use your language, I don't understand how or why this could
> possibly be controversial. -- Apparently it is.
In which case, make your own nameserver authoritative for those
domains; do not foist your own wishes on other people.
--
John
