[DNS] Telstra DNS redirection

[DNS] Telstra DNS redirection

From: Brett Fenton <brett.fenton§netregistry.com.au>
Date: Fri, 20 Nov 2009 13:11:41 +1100
Hi Anand,

They do mention 'privacy' but then don't actually say what issues that may or 
may not be. Just like 'poor user experience'.

But I don't see how privacy is going to be addressed through your ISP, given 
they know exactly who you are regardless, you've already authenticated 
yourself onto their network. Bit different to anonymous web browsing. 

I'll absolutely conceed your point in regards to mobile devices. Something I 
hadn't considered. Is the amount of data coming back that much of an issue? 
It'd be less than 50KB I'd expect but sure some people will have an issue with 
that. 

Perhaps I could ask this Anand. 

Rather than give me a list of hypothetical potential issues, this type of 
service has been launched in other markets, Telstra unsuprisingly aren't the 
first. Are there any real world incidents that are documented that show this 
as being a problem.

I googled for 30 minutes and couldn't come up with anything.

> Hi Brett,
> 
> On Fri, Nov 20, 2009 at 1:38 AM, Brett Fenton
> 
> <brett.fenton&#167;netregistry.com.au> wrote:
> > Sigh. I'm not sure anybody looks to ICANN for technical brilliance. Their
> > 'problems caused' summary for example - poor user experience. That's
> > subjective, not a technical resolution, as are a few of the others.
> >
> > Regardless. The issue in the paper, is wildcarding in the root, which is
> > what Verisign did.
> 
> Actually it was talking about: "redirection / synthesis for all TLDs
> (gTLDs & ccTLDs)
> 
> The reasons they listed are:
> 
>  - architectural violation
>  - impact on Internet protocols
>  - single point of failure
>  - reserved and blocked domains appearing 'live'
>  - privacy concerns
>  - lack of choice for Internet users
>  - poor user experience
>  - impact on IDN TLDs
> 
> The first three are (frankly, minor) technical reasons.
> 
> One technical reason not listed is that if you happen to be browsing
> via a mobile phone, you'll get more data back that an NXDOMAIN. I
> wonder if Telstra charge you for that extra, valuable, data.
> 
> A more interesting reason, though, is 'privacy'.
> 
> > Unless you know something I don't Telstra aren't wildcarding in the root.
> > They are returning defined HTTP against failed lookups.
> 
> You mean they are synthesising records for non-existant domains, just
> like what the paper mentions?
> 
> I don't understand how you could read the same paper that I did and
> completely misrepresent it.
> 
> Was that intentional?
> 
> > A better analogy might be for example how a browser handles a fail. IE
> > displaying Bing search results or Chrome displaying Google content.
> 
> Yes - I expect MY browser to know more about me.
> 
> And potentially give me a better result when the underlying protocols
> indicate a problem.
> 
> But in this case, the job that I've assigned my browser to do is being
> subverted.
> 
> Both the browsers you mention take the issue of user privacy so
> seriously they do not actually use the URL that returned a NXDOMAIN
> when looking up their recommendation service.
> 
> They take a hash of it, and then find other URLs near the same hash
> bucket to display suggested URLS (actually there is more to it, but
> I'll assume you are technical enough to dig up the details).
> 
> > I'm sorry but I'm still not seeing this as anything other than a very
> > minor inconcenience to a very small subset of users (who have the ability
> > to turn it off anyway).
> 
> Kind of like your mechanic deciding for you that you really only need
> 3 cylinders in your car. It'll inconvenience a small subset of users
> who can re-install the extra cylinder if absolutely necessary, right?
> 
> Cheers,
> Anand
> ---------------------------------------------------------------------------
> List policy, unsubscribing and archives => http://dotau.org/
> 
Received on Thu Nov 19 2009 - 18:11:41 UTC

This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:10 UTC