The more I think about this COICA deal the more I can't even fathom how it could be implemented.
If an upstream server won't resolve, what's to stop a network admin from using an offshored DNS server, or even the root servers? Unless we're talking about keeping DNS traffic confined to the ISP's network. Then what's to stop a global HOSTS.TXT from circulating via torrent? It's shortsighted and problematic, which is usually what happens when technical discussions are dictated by politics. -wil On Nov 22, 2010, at 4:21 PM, Dobbins, Roland wrote: > > On Nov 22, 2010, at 10:48 PM, Joe Abley wrote: > >> I guess if the manner of the interception was to send back SERVFAIL to DNS >> clients whose queries were (in some sense) objectionable, the result would >> be that the clients were not able to resolve the (in some sense) bad names. > > Quantifying the negative performance impact of SERVFAIL on various stub > resolvers might provide some useful data points in any 'official' discussions > which arise on this topic. > > ----------------------------------------------------------------------- > Roland Dobbins <rdobb...@arbor.net> // <http://www.arbornetworks.com> > > Sell your computer and buy a guitar. > > > > >