Censorship at ISP-Level / DNS-Tampering Paper
Maximillian Dornseif
md at hudora.de
Wed Jun 4 16:31:55 UTC 2003
[link for this:
http://md.hudora.de/blog/guids/53/53/5261415523775104.html]
Dear (swinog | siug | nanog),
I recently asked for input on using proxies and DNS for blocking Web
content.
After some great input from listsmembers and the work of dedicated
reviewers I have put an preprint online: "Government mandated blocking
of foreign Web content" can be found at
http://md.hudora.de/publications/#blocking or directly at
http://md.hudora.de/publications/200306-gi-blocking/200306-gi-
blocking.pdf It tries to give an technical overview about censorship at
ISP level.
The relevance for network management are mainly the empirical results
on DNS tampering which are summarized at
http://md.hudora.de/blog/guids/53/53/5261415523775104.html . Basically
providers using DNS to block Web content don't get it right and break
all kinds of stuff.
Besides the technical challanges - BIND's coarse granularity allowing
basically only manipulations at zone level - I think we face serious
policy challenges: When once starting with DNS tampering why not use it
for commercial purposes. E.g. redirect people trying to access your
competitors domains to your own stuff? Possibly government mandated
blocking manages to finish off, what the ICANN-wars where not able to
archive: destroy DNS as an unified namespace.
Thanks again for all the input.
Regards
Max Dornseif
--
Maximillian Dornseif - http://md.hudora.de/
Dipl. Jur., University of Bonn, Germany - ars longa, vita brevis!
More information about the NANOG
mailing list