On Mon, 09 Nov 2009 18:15:09 -0500 David Ulevitch <davidu@everydns.net> wrote:
On 11/9/09 6:06 PM, Alex Balashov wrote:
Anything else is COMPLETELY UNACCEPTABLE. I don't understand how or why this could possibly be controversial.
Because some people want the ability and choice to block DNS responses they don't like; just as they have the ability and choice to reject email they don't want to accept.
When the conficker worms phones home to one of the 50,000 potential domains names it computes each day, there are a lot of IT folks out there that wish their local resolver would simply reject those DNS requests so that infected machines in their network fail to phone home.
To use your language, I don't understand how or why this could possibly be controversial. -- Apparently it is.
In which case, make your own nameserver authoritative for those domains; do not foist your own wishes on other people. -- John