NNSquad - Network Neutrality Squad

NNSquad Home Page

NNSquad Mailing List Information


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Comcast files "recommended practices" draft RFC with IETF for DNS Redirection


I note that this draft RFC proposes practices that routinely return 
*valid* responses to erroneous DNS lookups, and encourage an opt-out 
policy rather than an opt-in policy.

The sole justification is that the default way that a browser such as 
Firefox or IE would present an error message is inadequate for users, 
thus an ISP should take matters into its own hands to fix that cosmetic 
problem, rather than asking the browser vendors to do a better job!

And the side effects identified do not include the impact on http 
requests not generated by typing into web browsers, but instead used as 
part of "web 2.0" service apis and other uses of port 80 that do not 
arise from end users typing into the url bar of their browser.

One might ask why the sole justification given  for this misuse of DNS 
to patch an application weakness is the only one?

And even more so, why this is such an urgent problem that ISPs must fix 
it via a flawed and risky solution, rather than the makers of browsers 
fixing it in the most logical place?

The potential to disrupt non web-browser features is noted in the "draft 
RFC", but instead of a balanced analysis of benefits and costs to other 
uses, the draft is silent.  In fact, the draft refers to this as 
"enhanced" functionality.

I expect the wiser heads at the IETF to prevail....  This is a solution 
to a non-existent "problem", with bad side effects.

While this is not exactly the same as directing a misdialed phone call 
to call a Caribbean phone company number with the consequent  and 
unavoidable billing charge to the user, it seems very close to that sort 
of thing - a surprise to all application developers, and a modification 
to the expected semantics of directory lookup.

   [ I agree with David.  If IETF goes along with this proposal, there
     is something very rotten in Denmark.  What's really amusing about
     the referenced document though is that for all its verbiage in
     which it tries to establish a "need" for such DNS redirect
     services -- mostly focused on highly questionable assumptions
     about malware protection and legal mandates -- it fails to
     mention the primary reason that ISPs implement DNS redirects.

     This is of course use of such DNS diversion services to create
     profit centers, by shunting users to ISP-affiliated search
     engines and affiliated ad delivery services, attemping to
     monetize users' interactions with the broader Internet by
     capturing low-level transactional communications to which the ISP
     has privileged access.

         -- Lauren Weinstein
            NNSquad Moderator ]