ICANN/DNSO
DNSO Mailling lists archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [ga] Mr. Qaddafi Salutes Verisign


on 11/15/01 3:40 PM, Roeland Meyer at rmeyer@mhsc.com wrote:

> Those concerning themselves with security aspects of this might want to know
> that not having a publically visible DNS entry does not technically prohibit
> one from being on the Internet. However, blocking all packets in/out of
> those countries does. Even so, snaking a fiber bundle across a border, to a
> friendly/oblivious neighbor, adequately gets around that problem as well.
> 

If you protect your building with a security alarm, you are not providing
any form of physical barrier to entry, but it's effective as a deterrant
against the casual opportunist, which 90% of the risk.  So the fact that
there is no fullproof method to prevent entry into the DNS is no reason not
to put up barriers. There are two aspects to this, provider and user. You
want to stop terrorists being able to disseminate information, and stop
users from receiving it. Both can be deterred by what would seem to me to be
an incredibly simple task, removing all embargoed Domain names from the DNS.

Regards,
Joanna 

--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html



<<< Chronological Index >>>    <<< Thread Index >>>