[IP] VeriSign prepares to relaunch "Site Finder" -- calls technologists "biased"

Paul Vixie vixie at vix.com
Mon Feb 23 18:19:03 UTC 2004


rubens at email.com ("Rubens Kuhl Jr.") writes:

> ... the DNS structure is a scalable way to locate IP addresses for names,
> but it needs trust as people can bypass it and go directly to root servers,
> gtld servers, cctld servers. The more non-standard hacks the structure get,
> the more distrust it will have; if it becomes widespread, off-the-shelf
> operating systems with internal recursive DNS will also become widespread.
> Revenue from DNS redirection will go towards zero, and load at the central
> servers will go to the sky and never come down ever again.

Um.  That happened years ago, mostly by mistake.

However I agree with the premise -- as middlemen continue to try to monetize
other people's transactions, the endpoints will continue to try to work around
the middlemen.  So it is with carpet sales, home electronics, online auctions,
and now DNS.

DNSSEC, now in its eleventh year of preproduction, is supposed to make this
kind of middletweaking more detectable, but not more preventable.  I suspect
that Rodney's idea for doing DNS over IP tunnels is even more desireable than
he thinks, for reasons he may not have yet considered.
-- 
Paul Vixie



More information about the NANOG mailing list