Blocking International DNS
Steven Bellovin
smb at cs.columbia.edu
Thu Dec 2 01:35:12 UTC 2010
On Dec 1, 2010, at 8:18 42PM, David Conrad wrote:
> On Dec 1, 2010, at 11:41 AM, Randy Bush wrote:
>> the more i think about this, the more i am inclined to consider a second
>> trusted root not (easily) attackable by the usg, who owns the root now,
>> or the acta vigilantes. as dissent becomes less tolerated, let alone
>> supported, we may want to attempt to ensure it in our deployments.
>
> Wouldn't this simply change the focus of who can attack from the USG (which, as far as I am aware, has not attacked the root) to some other government (or worse, the UN)? Given a handle, folks are going to want to grab it when they feel a need to control, regardless of who the folks are. It'd be nice to remove the handle, but that appears to be a very hard problem...
>
I think that the Pirate Bay announcement was triggered by
http://www.npr.org/templates/story/story.php?storyId=131678432 plus the
COICA bill (http://www.eff.org/coica) -- though it, at least, appears
to be dead for this session and who knows what the new Congress will do.
That said, I think the problem is primarily political, not technical.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
More information about the NANOG
mailing list