NTIA will control the root name servers?
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Sun Jul 3 17:54:45 UTC 2005
On Sun, 03 Jul 2005 12:41:23 EDT, Ted Fischer said:
> >Go read this: http://65.246.255.51/rfc/rfc3675.txt
> >
> >And ask yourself (a) why did that URL work at all, and (b) whether censoring
> >via top-level domain is likely to work.
>
> As an interesting side note, my e-mail client (Eudora) helpfully popped
> up the following message when checking the above URL:
>
> "The host, http://65.246.255.52/rfc/rfc3675.txt, is a numerical IP
> address; most legitimate sites use names, not addresses."
Of course, if you're a subversive visiting the site *because* somebody with
jackbooted thugs has censored the DNS, said site probably isn't considered
"legitimate" by those in power....
And it's a hopeless task - blocking by DNS isn't workable, and even blocking
problematic sites by IP isn't workable. It's pretty easy to show that if you
allow *any* traffic at all, there's covert channels available. Just take the
bandwidth of the pipe, treat the censorship as "noise" (the more heavy-handed,
the noiser), and work out the Shannon limit....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20050703/1d6698ae/attachment.sig>
More information about the NANOG
mailing list