Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ATTBI refuses to do reverse DNS?

  • From: Chris Woodfield
  • Date: Wed Jun 19 10:44:03 2002

If the people who "vote with their wallets" here are the ATTBI customers, don't 
forget that if you're not served by DSL, cable broadband is really the only 
good option for broadband access (I'm not counting satellite, with >1s ping 
times, or wireless, which is still in its infancy as a residential solution). 
And rarely will you find a home anywhere in the US served by more than one 
cable company.

Makes it kinda kard to vote with your wallet when the vendor has de facto 
monopoly power.

-C

> The people who are supposedly hurt here are those who ultimately have
> the most influence.  In the end they can vote with their wallets even if
> they can't edit the appropriate zone files directly.  (And the whole
> idea behind DNS trust really revolves around having two different
> parties agree on the mapping, not in simply allowing the user to edit
> their own reverse DNS!) 
> 
> > Just as 
> > Network Address Translation is not a security solution, neither is checking 
> > INADDR.
> 
> I don't think anyone has said that DNS consistency is a security
> solution.  You keep confusing these concepts I think.  It's only one
> tiny part of the picture.  Fully consistent DNS only increases the level
> of trust you can have in the hostnames used.  Since hostnames are
> supposed to be more stable than IP addresses, you _want_ to have more
> trust in the hostnames, but with current protocols you cannot unless
> there is full consistency between forward and reverse lookups.
> 
> > Now if you check INADDR over Secure DNS, you might start having 
> > some level of information to trust.
> 
> We can only hope, but I'll believe it when I see it.
> 
> -- 
> 								Greg A. Woods
> 
> +1 416 218-0098;  <gwoods@acm.org>;  <g.a.woods@ieee.org>;  <woods@robohack.ca>
> Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>

Attachment: pgp00013.pgp
Description: PGP signature




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.