On 3/10/2019 10:24 PM, Paul Vixie wrote: > if you are using my network, then it makes no difference which of us > bought you that laptop. you will use the RDNS i allow you to use. RDNS > is part of the control plane, and i use it for both monitoring and > control. sometimes that's so that i can see malware beacon to its C&C. > sometimes that's so that i can institute parental controls. > > if you don't like my rules, you should vote with your feet, and not > visit me. because that is the only choice you will have. (yes, i will > be part of a major new project to identify and block all DoH services, > so that behavioural security policies can still work, because you may > have noticed that the internet has never become MORE secure from new > tech, but it occasionally becomes LESS secure more slowly because of > policy.)
"Use a VPN, or use the local defaults". Well, there are plenty of in-between. For example, I might be using a web proxy, which is sort of like a VPN but not quite. Or I might be using some web-RTC application, which uses something else than DNS to identify my peers. DNS is just one way to locate servers I want to connect to. You claim the right to impose your rules, because it is "your network". Yet you have to define ownership. You are providing network services under some contractual terms. There are cases where an imperial network can dictate those terms, but there are also many cases in which the contractual power of the network is limited -- thinks like fair access, network neutrality, etc. Just claiming an empire does not automatically make you the emperor. -- Christian Huitema _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
