rubens@email.com ("Rubens Kuhl Jr.") writes:
... the DNS structure is a scalable way to locate IP addresses for names, but it needs trust as people can bypass it and go directly to root servers, gtld servers, cctld servers. The more non-standard hacks the structure get, the more distrust it will have; if it becomes widespread, off-the-shelf operating systems with internal recursive DNS will also become widespread. Revenue from DNS redirection will go towards zero, and load at the central servers will go to the sky and never come down ever again.
Um. That happened years ago, mostly by mistake. However I agree with the premise -- as middlemen continue to try to monetize other people's transactions, the endpoints will continue to try to work around the middlemen. So it is with carpet sales, home electronics, online auctions, and now DNS. DNSSEC, now in its eleventh year of preproduction, is supposed to make this kind of middletweaking more detectable, but not more preventable. I suspect that Rodney's idea for doing DNS over IP tunnels is even more desireable than he thinks, for reasons he may not have yet considered. -- Paul Vixie