Multi-root DNS is real.

[Dan Mahoney, System Admin]

On Wed, 7 Dec 2005, Matt Ghali wrote:

> On Wed, 7 Dec 2005, Matthias Fischmann wrote:
>
>  besides yet more beautiful unicode-related desaster, the article
>  points out that there are by now different DNS roots in the internet,
>  and which one you reach depends on your client IP address.
>
> There may well be thousands of "roots" on the internet, but at least
> so far, there has been almost no buy-in from caching server
> operators willing to point at these "alternate roots".
>
> I could configure my nameserver to serve '.' authoritatively with
> any data I want in a couple of minutes, but the signifigance of me
> doing so (other than to myself) would be zero.
>
> Whether or not your resolver hits an 'alternate root' depends not on
> your IP address, but what nameserver your resolver is using. As of
> now I do not believe any regional ISPs have drank the alt-root
> koolaid.

True enough, but in setting your nameserver to a DNS server which is 
configured to hand off the one true (tm) root-servers.net zone -- PLUS the 
.onion zone, is harmless enough, and can be done on both individual pcs, 
or on things like linksys routers.

The main problem with alternate namespaces as per Paul Vixie, et al, is 
that it steps heavily on things if other TLD's are ever adopted.  I don't 
ever see .onion being adopted by anyone else.

The real question here, of course, is what happens if someone DOES somehow 
get .onion officially delegated to them.

As for using it with Tor?  Well, keep in mind that now all your DNS 
queries are being sent along to that new resolver, and your actions can be 
tracked that way unless you're using privoxy to do the resolution 
directly, which kinda cancels out the privacy thing.

-Dan

--

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------