This DNS over HTTP thing

Jay R. Ashworth jra at baylink.com
Wed Oct 2 21:25:31 UTC 2019


----- Original Message -----
> From: "John Levine" <johnl at iecc.com>

> In article <804699748.1254612.1570037049931.JavaMail.zimbra at baylink.com> you
> write:
>>Tools. Are. Neutral.
>>
>>Any solution to a problem that involves outlawing or breaking tools will.
>>Not. Solve. Your. Problem.
> 
> I think in the outside world you'll find very little support for an argument
> that filtering DNS is fundamentally broken.
> 
> Sure, you can do it in broken ways, but it's going to be really hard
> to persuade anyone that their lives are better if they have unfiltered
> access to the malware links in their spam.

I expect I would.

But this is not "filtering DNS".  It's "making a bodge-handed attempt to 
REPLACE DNS (well, proxy it) for only one application/layer".

My problem isn't what they're using it for; it's that they've implemented
it so poorly.

I live down here in the trenches, John, where "it doesn't work" is the calibre
of problem reports I get.  When my tools say that "yes, it does", *I'm* the one
who takes it in the nads because Mozilla had a Better Fuckin' Idea.

That it will likely cause lots of 50,000ft problems to is just a cherry on the
top.

Cheers,
-- jra

-- 
Jay R. Ashworth                  Baylink                       jra at baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates       http://www.bcp38.info          2000 Land Rover DII
St Petersburg FL USA      BCP38: Ask For It By Name!           +1 727 647 1274



More information about the NANOG mailing list