[145077] in North American Network Operators' Group
Re: Nxdomain redirect revenue
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Tue Sep 27 09:29:22 2011
In-Reply-To: <CAAAwwbWYQfpoHEReiyamy8fO0g0Edh=1+1usKkMk22PWO+i=Pg@mail.gmail.com>
Date: Tue, 27 Sep 2011 09:27:00 -0400
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Jimmy Hess <mysidia@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Tue, Sep 27, 2011 at 7:50 AM, Jimmy Hess <mysidia@gmail.com> wrote:
> On Tue, Sep 27, 2011 at 3:57 AM, William Allen Simpson
> <william.allen.simpson@gmail.com> wrote:
> [snip]
>> Certainly, hijacking google.com NS records to JOMAX.NET would be a
>> criminal interference. =A0After all, that's all DNSsec signed now,
>> isn't it?
>
> I would rather see DNSSEC =A0and TLS/HTTPS get implemented end to end.
how does tls/https help here? if you get sent to the 'wrong host'
whether or not it does https/tls is irrelevant, no? (save the case of
chrome and domain pinning)
> The solution is to spread their name as widely as possible, so
> consumers can make an informed
> choice if they wish to avoid service providers that engage in abusive pra=
ctices,
> and bring it attention to regulators if the service providers are
> acting as an abusive monopoly in regards to their interception
> practices.
sadly, not everyone has a choice in providers :(
