On-going Internet Emergency and Domain Names
Gadi Evron
ge at linuxbox.org
Mon Apr 2 02:32:59 UTC 2007
On 1 Apr 2007, Paul Vixie wrote:
>
> ge at linuxbox.org (Gadi Evron) writes:
>
> > On Sun, 1 Apr 2007, Adrian Chadd wrote:
> >
> > > Stop trying to fix things in the core - it won't work, honest - and start
> > > trying to fix things closer to the edge where the actual problem is.
> >
> > Thing is, the problem IS in the core.
>
> nope. read what he wrote-- "it won't work, honest". the problem is on the
> front-end, an "edge", specifically in the way domain tasting works. does
> anyone really believe that there will ever again be a million domains added
> to the DNS in a 24-hour period? (of course not.) then why do verisign and
> the other TLD registries have to cope with many millions of updates per day?
> if we solve THAT problem, which is difficult and barely tractible, then the
> "dns core" will go on as before, working just fine all the while.
>
> > DNS is no longer just being abused, it is pretty much an abuse
> > infrastructure.
>
> do you mean DNS or do you mean every Internet technology including IP, UDP,
> TCP, ICMP, BGP, etc; plus most non-Internet-specific technologies including
> ASCII, Unicode, 32-bit, 64-bit, and binary?
>
> "the internet, and technology in general, is no longer just being abused,
> it is pretty much an abuse infrastructure." <--- i'd agree with *that*.
> (but this is not the first time I've been irritated that I can't choose which
> other humans to share the galaxy with and which ones I'd like to kick out.)
I stand corrected, the Internet is obviously the problem and botnets are
the very seriosu symptom, but consider:
This is not a DNS server being abused, it is the infrastructure. The
"network", centralized and de-centralized.
So yes, DNS has become an infrastructure for abuse even if the Internet
itself is not very safe.
Gadi.
> --
> Paul Vixie
>
More information about the NANOG
mailing list