discuss AT lists.opennicproject.org
Subject: Discuss mailing list
List archive
- From: Jeff Taylor <shdwdrgn AT sourpuss.net>
- To: discuss AT lists.opennicproject.org
- Subject: [opennic-discuss] Idea for 'protected' domains
- Date: Sun, 06 Mar 2011 00:39:59 -0700
- List-archive: <http://lists.darkdna.net/pipermail/discuss>
- List-id: <discuss.lists.opennicproject.org>
There has been some periodic talk, initially regarding domains such as wikileaks, but more recently about entire zones in conflict areas such as Libya and Egypt... Is there a way that OpenNic can help against hostile government take-overs of the internet traffic to these areas?
The short answer: maybe
Regarding an entire TLD, we are very limited in what can be done without direct correspondence from the person(s) controlling that zone. While anyone has direct access to the list of primary nameservers serving that zone, there is generally little or no detailed info available that would allow us more fine-grained access to information such as the list of domains under that TLD.
Now with specific domains, we have a little more information available because we can query that domain directly. We can probably even get a list of all the subdomains and MX servers. And of course there is a better chance that we may be able to correspond directly with the domain holder, and request that OpenNic be added as a slave zone for their domain.
Since I am regenerating a full root zone every hour, I could use that same window to run comparative tests against the TLDs or domains we are monitoring. I can look for large changes between the information we have on file and the information being reported by ICANN. And since we maintain our own root, we can essentially 'hijack' the information presented by ICANN and substitute our own zone which mirrors what the true owners of the TLD or domain originally had (and thus continuing to provide access to the original sites).
Of course something like this also provides the means for abuse, so we would want to try and take measures to prevent this, however in the end it would come down to a very limited number of people having access to changes, and trusting those people to be honest with your connectivity. Also it would be imperative to be aware when a 'protected' site has been changed, so I think perhaps the easiest method would be to redirect traffic to a notification page which states that the ICANN data may be questionable, and allows the user to choose if they want to continue to the ICANN-presented page, or use OpenNic's cached data to connect to the site.
And lastly, we would need an web page which allows admins to approve or reject the changes to DNS (any pending or rejected changes would spawn the notification page to users). This page also would provide a form for anyone to request a TLD or domain be added to the protection list, which would then be considered and voted upon by OpenNic members.
I think that just about covers what I can think of. This would essentially try to cover internet access in case of government sensitivity, and also be inline with the issues that brought the P2P community to our doorstep a few months ago. I'd love to see some discussion towards this, and I believe a basic framework could be set up fairly quickly, which can be fine-tuned over time.
- [opennic-discuss] Idea for 'protected' domains, Jeff Taylor, 03/06/2011
- Re: [opennic-discuss] Idea for 'protected' domains, Richard Lyons, 03/06/2011
- Re: [opennic-discuss] Idea for 'protected' domains, Jeff Taylor, 03/06/2011
- Re: [opennic-discuss] Idea for 'protected' domains, Zach Gibbens, 03/06/2011
- Re: [opennic-discuss] Idea for 'protected' domains, Jeff Taylor, 03/06/2011
- Re: [opennic-discuss] Idea for 'protected' domains, Jeff Taylor, 03/06/2011
- Re: [opennic-discuss] Idea for 'protected' domains, Peter McCann, 03/06/2011
- Re: [opennic-discuss] Idea for 'protected' domains, Jeff Taylor, 03/06/2011
- Re: [opennic-discuss] Idea for 'protected' domains, Larry Brower, 03/06/2011
- Re: [opennic-discuss] Idea for 'protected' domains, Jeff Taylor, 03/06/2011
- Re: [opennic-discuss] Idea for 'protected' domains, Peter McCann, 03/06/2011
- Re: [opennic-discuss] Idea for 'protected' domains, Richard Lyons, 03/06/2011
Archive powered by MHonArc 2.6.19.