From: Joe Touch [mailto:touch(_at_)ISI(_dot_)EDU]
Hallam-Baker, Phillip wrote:
From: Joe Touch [mailto:touch(_at_)ISI(_dot_)EDU]
The second is a problem, for reasons explained in my I-D, because it
puts control over host service offerings in the hands of whomever
controls its DNS (e.g., another thing for ISPs to claim makes you a
commercial customer at commercial prices) and because it's inefficient.
This is an irrelevant issue based on a premise that is
absolutely and totally wrong.
There is NO CHANGE OF CONTROL due to SRV, none, zip, nada.
If a party controls the DNS information for a host, it controls all
name-based inbound connections to that host absolutely and
irrevocably.
The DNS controls the IP address; ISPs aren't reluctant to
control the forward DNS lookup for an IP address, even when transient.
Mine is; I have no forward DNS pointing to my machine at all from my bandwidth
provider.
You do not have to use the DNS service provided by your ISP; if you do, they
control you.
Were the DNS to control the services available, customers
would be at the mercy of their ISP to make new services
widely available. ISPs already want to control that using
port filtering.
You are confusing politics with technology and making a hash of both.
You do not have to use the DNS service provided by your ISP.
Regardless of whether you do or not, their ability to filter services is far
greater under the port allocation scheme you champion than under a DNS-centric
model.
If the evil service is on port 666 it is a trivial matter to block it, not so
if the evil service is being managed by an independent DNS service provider who
maps the SRV record to a port that the ISP has not blocked.
...
If someone wants to be a first class citizen on the Internet they have
to own and control their own DNS service.
How so? What defines first-class?
All they really need is:
- stable IP addresses
- stable matching forward and reverse DNS entries
- a lack of port filtering
No, you need to control your own name. Unless you can do that, you are a serf.
That is why it is better to be hallam-baker.com rather than
hallam-baker.blogspot.com. Unless you own the DNS name, you are permanently at
the mercy of the owner of blogspot.com. If their conditions of service change
in ways that are unfavorable to you, you have no recourse.