Blocking International DNS

Steven Bellovin smb at cs.columbia.edu
Thu Dec 2 01:35:12 UTC 2010


On Dec 1, 2010, at 8:18 42PM, David Conrad wrote:

> On Dec 1, 2010, at 11:41 AM, Randy Bush wrote:
>> the more i think about this, the more i am inclined to consider a second
>> trusted root not (easily) attackable by the usg, who owns the root now,
>> or the acta vigilantes.  as dissent becomes less tolerated, let alone
>> supported, we may want to attempt to ensure it in our deployments.
> 
> Wouldn't this simply change the focus of who can attack from the USG (which, as far as I am aware, has not attacked the root) to some other government (or worse, the UN)?  Given a handle, folks are going to want to grab it when they feel a need to control, regardless of who the folks are.  It'd be nice to remove the handle, but that appears to be a very hard problem...
> 
I think that the Pirate Bay announcement was triggered by
http://www.npr.org/templates/story/story.php?storyId=131678432 plus the
COICA bill (http://www.eff.org/coica) -- though it, at least, appears
to be dead for this session and who knows what the new Congress will do.

That said, I think the problem is primarily political, not technical.


		--Steve Bellovin, http://www.cs.columbia.edu/~smb









More information about the NANOG mailing list