We need to be careful in proposing a suggested solution.
Inclusive Namespace roots provide public resolvers for users whose ISPs are too stubborn or dumb to provide their users with choice. Customers of such ISPs can simply decide to use the public resolvers provided by the INS roots, like Public Root or ORSC.
Shutting off user choice by suggesting that ISPs block outbound 53/TCP, 53/UDP will take away that choice.
I'm sure that some ICANN synchophants will be happy about this and if I were the suspicious type, I'd say that this sudden "awareness" of a "severe security problem" that has been around for a long time may be planned by those who are becoming uncomfortable with the ever increasing number of people who are abandoning the ICANN root in favor of DNS Service Providers (DSPs) who provide a view of the entire internet and don't impose non-related policies (UDRP) on domain registrants.
What better way to kill the INS than by putting up a security straw man and scaring people, especially ISPs, into taking away DNS choices from internet citizens. I am especially suspicious about this after seeing who was quoted in the recent MSNBC piece about the so-called "new" security risk that has "just been discovered". His jihad against allowing internet citizens to have freedom to chose their DSP from among global choices is well known to all.
Watch out here - there may be more to this story than meets the eye...
Slashdot Mirror
Nah, that wont work. Besides, hooking electrodes up to that already gets PETA upset when they do it to tigers and leopards... :->
We need to be careful in proposing a suggested solution.
Inclusive Namespace roots provide public resolvers for users whose ISPs are too stubborn or dumb to provide their users with choice. Customers of such ISPs can simply decide to use the public resolvers provided by the INS roots, like Public Root or ORSC.
Shutting off user choice by suggesting that ISPs block outbound 53/TCP, 53/UDP will take away that choice.
I'm sure that some ICANN synchophants will be happy about this and if I were the suspicious type, I'd say that this sudden "awareness" of a "severe security problem" that has been around for a long time may be planned by those who are becoming uncomfortable with the ever increasing number of people who are abandoning the ICANN root in favor of DNS Service Providers (DSPs) who provide a view of the entire internet and don't impose non-related policies (UDRP) on domain registrants.
What better way to kill the INS than by putting up a security straw man and scaring people, especially ISPs, into taking away DNS choices from internet citizens. I am especially suspicious about this after seeing who was quoted in the recent MSNBC piece about the so-called "new" security risk that has "just been discovered". His jihad against allowing internet citizens to have freedom to chose their DSP from among global choices is well known to all.
Watch out here - there may be more to this story than meets the eye...