[132812] in North American Network Operators' Group
Re: Blocking International DNS
daemon@ATHENA.MIT.EDU (David Conrad)
Wed Dec 1 20:19:21 2010
From: David Conrad <drc@virtualized.org>
In-Reply-To: <m2tyixjhn1.wl%randy@psg.com>
Date: Wed, 1 Dec 2010 15:18:42 -1000
To: Randy Bush <randy@psg.com>
Cc: North American Network Operators Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Dec 1, 2010, at 11:41 AM, Randy Bush wrote:
> the more i think about this, the more i am inclined to consider a =
second
> trusted root not (easily) attackable by the usg, who owns the root =
now,
> or the acta vigilantes. as dissent becomes less tolerated, let alone
> supported, we may want to attempt to ensure it in our deployments.
Wouldn't this simply change the focus of who can attack from the USG =
(which, as far as I am aware, has not attacked the root) to some other =
government (or worse, the UN)? Given a handle, folks are going to want =
to grab it when they feel a need to control, regardless of who the folks =
are. It'd be nice to remove the handle, but that appears to be a very =
hard problem...
Regards,
-drc
