[GTALUG] "DNS Wars"

ac ac at main.me
Mon May 10 07:11:20 EDT 2021 

On Sun, 9 May 2021 12:15:09 -0400 (EDT)
"D. Hugh Redelmeier via talk" <talk at gtalug.org> wrote:
> | From: ac via talk <talk at gtalug.org>
> | And, there are additional dimensions to some of the issues raised in
> | the above post.
> I'm sure.  It is both condensed and long-ish (at least for my
> web-tuned attention span).
> The blog entry contains an embedded YouTube video of a talk by Vixie
> that I'm only part way through.
> 
it is easier to grasp all of it if one lived the dream over some
decades :) 

I can only imagine that it is very hard if anyone tries to have an
informed opinion by reading/listening/watching POV from singular
perspectives instead of being involved in DNS for 30+ years

> | Political changes to BIND, is one of the reasons I left 
> | almost a decade ago. The general support for enabling walled gardens
> | and "custom" responses in open source communities by actually
> adding | code to a project, is, imnsho, simply wrong.
> I understand the vague idea but I'm not sure of the specific.  And
> don't know about choices that have subtle consequences.  I certainly
> don't know what issues are particularly concerning to you.
> 
well, lots of stuff, from the RFC's right down to BIND DEV and years of
discussions on BIND DEV and RFC lists about why not and why to whatever.
Opinions, politics and always big tech and governments, usual world
domination type stuff.
the straw that broke this camels back, was enabling walled gardens -
which was basically allowing addition of code to provide "custom"
answers as this, imnsho, is evil and enables evil, the little bit of
good (of which even that is very debatable) was far outweighed by the
mountain of evil. But, the majority of the community did not agree. so,
as Donald Trump said:  “It is so great, so very very great, never
before in the history of the world has anything been this great, in
fact I think it is the greatest, it is the most amazing and nobody has
ever before been this great…” except it was truly evil and also quoting
Donald Trump: "It is what it is" 74? Million people in America will now
support whatever I claim, yay, I have figured out how 2021 works, I
wish I knew this at the start of the previous decade :(
I would have simply insisted on bind dev that everyone agrees that I am
right, and that @pv etc are all actually fake email bots, and
that the list is rigged and the vote was stolen rofl
> | There are many other DNS issues not raised in this post, one obvious
> | example is that the overwhelming and vast majority of normal users
> | simply "searches" on GOOGLE for https://example.com - and
> | depending on "GOOGLE policy of that day" (as this changes) - users
> are | either directly redirtected to https://example.com - or users
> are shown | "search" results...(as, of course the user is "searching"
> because the | software vendors, a lot of the time the search engine
> itself, has | designed their software in this fashion as they want to
> control and own | every bit traveling on the wire.
> | The "new" path Firefox is on, is so wrong.
> Actually that is mentioned.  In Episode 2 and 3.
> 
yes, but the direction - where firefox is headed - should be tied to
the corporate future we are sheep herded into. I wish people were more
like cats.
> | I can write a LOT more about this, but it is upsetting and emotional
> | for myself. 
> I'm curious but powerless (as far as I know).  I once attended an IETF
> meeting about DNSSec but that was long ago.  Earlier our project had
> a fight about standardizing key distribution throught the reverse
> domain.
we are all powerless as we are fighting human nature as exploited by
multinational companies black ops and they are far more organised than
any other single group or even any government (maybe with some
exceptions) are.

dnssec:  yeah, love it. I wrote a few guides many years ago, on
howto practically setup dnssec, step by little step, depending on the
registrar, implementation (as it is not all one thing, the registrars
are very different and have different protocols as well as
implementations.) I actually have not setup dnssec for inaddr, I can
imagine that the various RIR would also have different protocols and
implementations, I have multiple AS and are on various RIPE, AFRINIC
and ARIN lists, but, have never setup number based dnssec so thank you
for the ray of sunshine, something new to learn :)

which project are you speaking of and do you happen to know if the
various/any RIR have any standardised protocols and/or implementations?

btw thanks :)

Andre

More information about the talk mailing list