[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Multi-root DNS is real.




hi, this is curious:

  http://www.circleid.com/posts/splitting_the_root_its_too_late/

besides yet more beautiful unicode-related desaster, the article
points out that there are by now different DNS roots in the internet,
and which one you reach depends on your client IP address.

this is fun, and has obvious implications for tor.  web sites have
been reacting on client IPs for a while, but now you even reach a
different web site if you are on the wrong section of the internet
(red crescent if you try to reach the red cross from an arab country,
a small anonymous and highly profitable nigerian enterprise if you try
to reach citibank from nigeria, etc).

my favorite (and a little sci-fi) solution would be to use a global
DHT in which everybody can set up namespaces rooted in some fresh
public key, like in the host identity protocol:

  http://www.ietf.org/html.charters/hip-charter.html

i am looking forward to the real (and no doubt very different) fix.

cheers,
matthias

Attachment: signature.asc
Description: Digital signature