Taking your argument to the extreme, the worst malicious DNS would be the one that consistently returns "NXDOMAIN". I am afraid this is not the case. Targeted attacks are actually more harmful, as you have correctly pointed out. Chris
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ben Adida Sent: Thursday, August 28, 2008 11:46 PM To: Kristof Zelechovski Cc: whatwg@lists.whatwg.org; 'Manu Sporny' Subject: Re: [whatwg] RDFa Features Kristof Zelechovski wrote: > Ian's question was about what happens when it goes down forever, or gets > taken over, intercepted, squatted, spoofed or redirected because of a > malicious DNS. Okay, let's get rid of a few cases. Malicious DNS will break *everything* if you don't have DNSSEC. Google isn't Google, none of your lookups are trustworthy, etc... You're effectively saying "what if the web breaks completely?" Well then, there's no web metadata, but there's no web either, so what's the point.