Sitefinder II, the sequel...

Florian Weimer fw at deneb.enyo.de
Tue Jul 11 05:51:17 UTC 2006


* Steven M. Bellovin:

> The second is the precedent that's set -- who gets to decide what zones
> are excluded from the tree?  OpenDNS?  Sure -- and to whom do they
> listen?  Are any sites to be ruled out on political grounds?
> Ideological?  Not today, sure, and (I assume) not by OpenDNS -- but what
> if some misguided legislature passes some law?

And how is real DNS any different?  Even in Western democracies, ISPs
can be forced to suppress zones on their resolvers.

There are profound privacy issues with centralized, opt-in DNS
resolvers, but they can probably be resolved satisfactorily.  But I'm
definitely the wrong guy to argue in favor of DNS-related privacy
(although I try very hard to make it impossible to link DNS queries
and responses to particular users).

Apart from that, I hope that services like this one (coupled with
tactical null routes) becomes more important to consumers.  More
competition on network-based security measures will help to protect
them from (technically) harmful content.  In some collapsed consmer
markets, it might enable ISPs to charge extra fees and compete on
these additional services, avoiding a complete meltdown of the market
and a return to an oligopoly.



More information about the NANOG mailing list