RE: Questions about draft-lear-iana-no-more-well-known-ports-00.txt

> From: Joe Touch [mailto:touch@xxxxxxx] 

> Hallam-Baker, Phillip wrote:
> >> From: Joe Touch [mailto:touch@xxxxxxx]
> > 
> >> The second is a problem, for reasons explained in my I-D, because it
> >> puts control over host service offerings in the hands of whomever
> >> controls its DNS (e.g., another thing for ISPs to claim makes you a
> >> commercial customer at commercial prices) and because it's
> >> inefficient.
> > 
> > This is an irrelevant issue based on a premise that is absolutely and
> > totally wrong.
> > 
> > There is NO CHANGE OF CONTROL due to SRV, none, zip, nadda.
> > 
> > If a party controls the DNS information for a host it controls all
> > name based inbound connections to that host absolutely and irrevocably.
> 
> The DNS controls the IP address; ISPs aren't reluctant to 
> control the forward DNS lookup for an IP address, even when transient.

Mine is; I have no forward DNS pointing to my machine at all from my bandwidth provider.

You do not have to use the DNS service provided by your ISP; if you do, they control you.

> Were the DNS to control the services available, customers 
> would be at the mercy of their ISP to make new services 
> widely available. ISPs already want to control that using 
> port filtering.

You are confusing politics with technology and making a hash of both.

You do not have to use the DNS service provided by your ISP.

Regardless of whether you do or not, their ability to filter services is far greater under the port allocation scheme you champion than under a DNS-centric model.

If the evil service is on port 666, it is a trivial matter to block it; not so if the evil service is being managed by an independent DNS service provider who maps the SRV record to a port that the ISP has not blocked.

> ...
> > If someone wants to be a first class citizen on the Internet they have
> > to own and control their own DNS service.
> 
> How so? What defines first-class?


> All they really need is:
> 	- stable IP addresses
> 	- stable matching forward and reverse DNS entries
> 	- a lack of port filtering

No, you need to control your own name. Unless you can do that you are a serf.

That is why it is better to be hallam-baker.com rather than hallam-baker.blogspot.com. Unless you own the DNS name you are permanently at the mercy of the owner of blogspot.com. If their conditions of service change in ways that are unfavorable to you, you have no recourse.


_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

