Re: [dnsext] Re: need new flag bit in EDNS, "do me no favours" (DMNF)

"Jeffrey A. Williams" <jwkckid1@ix.netcom.com> Tue, 26 October 2010 20:06 UTC

Message-ID: <10454724.1288123467793.JavaMail.root@elwamui-mouette.atl.sa.earthlink.net>
Date: Tue, 26 Oct 2010 15:04:27 -0500
From: "Jeffrey A. Williams" <jwkckid1@ix.netcom.com>
Reply-To: "Jeffrey A. Williams" <jwkckid1@ix.netcom.com>
To: IETF DNSEXT WG <namedroppers@ops.ietf.org>
Subject: Re: [dnsext] Re: need new flag bit in EDNS, "do me no favours" (DMNF)

Andreas and all,


-----Original Message-----
>From: Andreas Gustafsson <gson@araneus.fi>
>Sent: Oct 26, 2010 2:34 PM
>To: IETF DNSEXT WG <namedroppers@ops.ietf.org>
>Subject: Re: [dnsext] Re: need new flag bit in EDNS, "do me no favours" (DMNF) 
>
>Paul Vixie wrote:
>> > From: Colm MacCárthaigh <colm@allcosts.net>
>> > Why doesn't that belong better in HTTP? The HTTP WG is probably better
>> > placed to define whatever a "web error" is.
>> 
>> if you get an nxdomain you won't be connecting to any web server anywhere.
>
>Maybe this can't be solved by the HTTP WG, but it could be solved by
>the web browser vendors.
>
>First of all, any improvement in "user experience" that the proponents
>of web error redirection are claiming as a justification for doing DNS
>rewriting can just as easily be implemented in the browser.  One
>difference, of course, is that any ad revenue resulting from the
>"improved experience" would then go to the browser vendor rather than
>the ISP.

  Well this would be goodness for the browser vendor/developer as you state
it.  Also though it would be an opportunity for the ISP and the browser
vendor/developer to cooperate and have cross revenue sharing agreements
so that both can benefit, or conversely if the user option is to turn
doing DNS rewriting, then neither would benefit and the user would have
the option not the browser vendor or the IxP.
>
>Second, browser vendors are in a position to defend against unwanted
>DNS rewrites, by making the browsers bypass the system resolver and
>directly query a recursive DNS server operated by the vendor or a
>third party.  If enough browsers did this, NXDOMAIN rewriting in the
>DNS would no longer be profitable.

  This would be a good outcome IMO for some users.
>
>Third, browser vendors could help raise awareness and exert pressure.
>Imagine browsers detecting rewrites and displaying alerts along these
>lines:
>
>    [Insert browser name here] has detected that your computer is
>    using a DNS server that tampers with the results of DNS lookups.
>    Most likely, this is an attempt by your Internet Service Provider
>    to replace the error message that would normally be displayed
>    when you enter an incorrect URL with a page containing paid
>    advertisements.

  I love this alert message.  >:)
>
>    [Browser vendor] considers this practice harmful, not only because
>    it alters your web browsing experience, but also because it can
>    interfere with the operation of other Internet applications on
>    your computer and other Internet-enabled devices on your network.

  This one might be ok in some instances, not in others...
>
>    [Browser] has automatically switched to a third-party DNS service
>    operated by [company], but your other applications and devices are
>    still affected.  If your Internet Service Provider allows you to
>    opt out of DNS rewriting, we recommend that you do so.  Alternatively,
>    you can change your DNS settings to use a third-party DNS provider
>    by following the instructions at [this link].

  This alert message would be acceptable as well in some instances, but
should be set by the user, not the IxP or third party DNS provider.
>
>-- 
>Andreas Gustafsson, gson@araneus.fi
>
Regards,
Jeffrey A. Williams
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is very
often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B; liability
depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of
Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com
Phone: 214-244-4827
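
The rewrite detection proposed in the quoted message, sketched as an added example that is not part of the original thread: a client asks its resolver for a random name that cannot exist and treats any address in the reply as evidence of NXDOMAIN rewriting. All function names are hypothetical, the replies are constructed rather than captured, and 192.0.2.10 is a documentation address standing in for an ad server.

```python
import secrets
import struct

NXDOMAIN, TYPE_A, CLASS_IN = 3, 1, 1

def build_probe():
    """Query for a random name under .invalid (reserved by RFC 2606, never exists)."""
    name = secrets.token_hex(12) + ".invalid"
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    header = struct.pack("!HHHHHH", secrets.randbits(16), 0x0100, 1, 0, 0, 0)  # RD=1
    return header + qname + struct.pack("!HH", TYPE_A, CLASS_IN)

def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:  # compression pointer occupies two bytes
            return off + 2
        off += 1 + n

def parse_response(msg):
    """Return (txid, rcode, IPv4 addresses from A records in the answer section)."""
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # QTYPE + QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == TYPE_A and rdlen == 4:
            addrs.append(".".join(map(str, msg[off:off + 4])))
        off += rdlen
    return txid, flags & 0x000F, addrs

def is_rewritten(query, response):
    """True when a probe for a nonexistent name is answered with an address."""
    txid, rcode, addrs = parse_response(response)
    return txid == struct.unpack("!H", query[:2])[0] and rcode != NXDOMAIN and bool(addrs)

def sample_response(query, rcode, addr=None):
    """Constructed input (not captured traffic): reply to query, optionally with an A record."""
    hdr = query[:2] + struct.pack("!HHHHH", 0x8180 | rcode, 1, 1 if addr else 0, 0, 0)
    rr = b""
    if addr:  # name is a pointer to the question at offset 12; TTL 60
        rr = b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, CLASS_IN, 60, 4) + bytes(map(int, addr.split(".")))
    return hdr + query[12:] + rr
```

A deployed check would send several such probes over UDP to the system resolver and alert only when they are consistently answered with addresses.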