[liberationtech] decentralized DNS... What's the state of DNSSEC implementation by those on this list.. ?

Andrew Lewis andrew at pdqvpn.com
Thu Mar 15 07:50:24 PDT 2012 

Not if a US judge says orders ICANN to comply, I am not sure of the legal issues, but the US has been extending what it thinks is it's jurisdiction as of late.  

-Andrew

On Mar 15, 2012, at 2:42 PM, James Losey <jameswlosey at gmail.com> wrote:

> Seth,
> 
> I may have missed the original post, and was going off the thread. Addressing domain seizures is important, but could one way around seizures be to mirror a website on TLDs in different jurisdictions? 
> 
> Best
> J
> 
> On Thu, Mar 15, 2012 at 10:37 AM, Seth David Schoen <schoen at eff.org> wrote:
> James Losey writes:
> 
> > If the registry is wrong on a global level I can see where DNSSEC might not
> > be sufficient. However, if a man-in-the-middle attack attempts to spook an
> > attack to users in one region isn't this a case where DNSSEC would be
> > effective, and result in an error
> > code<http://www.iana.org/assignments/dns-parameters>?
> > My understanding is that implementation of DNSSEC limits the ability for
> > lazy censorship such as filtering queries (unless they simply gave a
> > false "Non-Existent
> > Domain" return code) or redirecting queries to other websites, both of
> > which would be goals of interest to members of this list.
> 
> I might have misunderstood what the original poster was referring to,
> in which case I apologize for making a misleading claim about what this
> thread was about.  I thought the original poster was referring to
> domain name seizures, not spoofed replies to DNS queries.  I agree
> that DNSSEC is useful for detecting spoofed replies to queries.
> 
> --
> Seth Schoen  <schoen at eff.org>
> Senior Staff Technologist                       https://www.eff.org/
> Electronic Frontier Foundation                  https://www.eff.org/join
> 454 Shotwell Street, San Francisco, CA  94110   +1 415 436 9333 x107
> 
> _______________________________________________
> liberationtech mailing list
> liberationtech at lists.stanford.edu
> 
> Should you need to change your subscription options, please go to:
> 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
> 
> You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> Should you need immediate assistance, please contact the list moderator.
> 
> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20120315/ba08da17/attachment.html>

More information about the liberationtech mailing list