
Re: Multi-root DNS is real.



On Wed, 7 Dec 2005, Matt Ghali wrote:

On Wed, 7 Dec 2005, Matthias Fischmann wrote:

 besides yet more beautiful unicode-related disaster, the article
 points out that there are by now different DNS roots in the internet,
 and which one you reach depends on your client IP address.

There may well be thousands of "roots" on the internet, but at least
so far, there has been almost no buy-in from caching server
operators willing to point at these "alternate roots".

I could configure my nameserver to serve '.' authoritatively with
any data I want in a couple of minutes, but the significance of me
doing so (other than to myself) would be zero.

Whether or not your resolver hits an 'alternate root' depends not on
your IP address, but what nameserver your resolver is using. As of
now I do not believe any regional ISPs have drunk the alt-root
koolaid.

True enough, but setting your nameserver to a DNS server which is configured to hand off the one true (tm) root-servers.net zone -- PLUS the .onion zone, is harmless enough, and can be done on both individual PCs and on things like Linksys routers.


The main problem with alternate namespaces as per Paul Vixie, et al, is that it steps heavily on things if other TLDs are ever adopted. I don't ever see .onion being adopted by anyone else.

The real question here, of course, is what happens if someone DOES somehow get .onion officially delegated to them.

As for using it with Tor? Well, keep in mind that now all your DNS queries are being sent along to that new resolver, and your actions can be tracked that way unless you're using Privoxy to do the resolution directly, which kinda cancels out the privacy thing.

-Dan

--

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------
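
An added illustration of the last point in the message above (not part of the original post): what the operator of such a resolver can reconstruct from its query log once clients send it .onion lookups. The BIND-style log layout, the sample lines and the function names are assumptions constructed for this example.

```python
import re
from collections import defaultdict

# Constructed sample lines in an assumed BIND-style query log layout.
SAMPLE_LOG = """\
07-Dec-2005 10:01:02.113 client 192.0.2.10#40211: query: www.example.org IN A +
07-Dec-2005 10:01:05.530 client 192.0.2.10#40212: query: exampleservice.onion IN A +
07-Dec-2005 10:01:09.002 client 192.0.2.44#51900: query: Mirror.ExampleService.ONION. IN AAAA +
07-Dec-2005 10:02:11.750 client 192.0.2.44#51901: query: onion.example.net IN A +
07-Dec-2005 10:03:00.000 client 192.0.2.10#40213: query: exampleservice.onion IN A +
not a query line
""".splitlines()

# Client address (IPv4 or IPv6), source port, then the queried name and type.
QUERY_RE = re.compile(
    r"client (?P<ip>[0-9a-fA-F.:]+)#\d+: query: (?P<name>\S+) IN (?P<qtype>\S+)"
)


def normalize(qname):
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return qname.rstrip(".").lower()


def is_onion(qname):
    """True only when the rightmost label is 'onion' (onion.example.net is not)."""
    return normalize(qname).split(".")[-1] == "onion"


def onion_leaks(lines):
    """Map each client address to the .onion names it asked this resolver for."""
    leaks = defaultdict(set)
    for line in lines:
        m = QUERY_RE.search(line)
        if m and is_onion(m.group("name")):
            leaks[m.group("ip")].add(normalize(m.group("name")))
    return {ip: sorted(names) for ip, names in leaks.items()}


if __name__ == "__main__":
    for ip, names in sorted(onion_leaks(SAMPLE_LOG).items()):
        print(f"{ip} asked the resolver for: {', '.join(names)}")
```

Run against a resolver's own logs, the same check shows which internal hosts are sending .onion lookups to a recursive server instead of resolving them inside Tor.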