What DNS Is Not (2009)

The thing about DNS I like the least is that you are always at the mercy of a lot of other parties. You can never really own a domain, only rent it. You depend on the owner of the TLD you use to keep honoring your contract and they depend on the owner of the root zone. Prices can just rise because there is a lot of friction to change the domain. Through no fault of your own you can lose your access to a domain (.ga, .af). And that is especially problematic in systems that use the domain as an identifier (see ActivityPub). I wish there was a better way but I can't think of one.

I would be curious to know what Paul Vixie thinks of things like DKIM and DMARC. Both of them turn DNS into a database of convenience for every major email provider on the planet, while neither of these technologies seems to make any useful impact on spam itself as the former is as often ignored as the latter is misconfigured. for relaying to Google, one must take a prescriptive and religious approach by accepting both these gods as a precondition of your delivery.

the &quot;Stupid DNS Tricks&quot; section says using dns to map clients to a nearby pop is a trick. they predicted this trick would be used for decades and it seems like they were right. i know cloudfront uses this in some fancy form.<p>i don&#x27;t know if i&#x27;d call it a trick though. if you have multiple pops, dns feels like a natural place to control what traffic goes to which pop. you will need resolvers to be well behaved which will never be the case. not all will respect ttls and use the client subnet extension but a lot do. dns gives you a nice knob and hooks to apply rules to control the traffic to each pop. this paper i think describes the idea well <a href="https:&#x2F;&#x2F;www.sigcomm.org&#x2F;sites&#x2F;default&#x2F;files&#x2F;ccr&#x2F;papers&#x2F;2015&#x2F;July&#x2F;0000000-0000009.pdf" rel="nofollow">https:&#x2F;&#x2F;www.sigcomm.org&#x2F;sites&#x2F;default&#x2F;files&#x2F;ccr&#x2F;papers&#x2F;2015&#x2F;...</a>.<p>if using dns like this is a trick, what is the right way to map a client to 1 of multiple pops? anycast?

Noting that the linked post is quite old, we now have things like ECS which (seek to) address one of the listed problems.<p><a href="https:&#x2F;&#x2F;en.m.wikipedia.org&#x2F;wiki&#x2F;EDNS_Client_Subnet" rel="nofollow">https:&#x2F;&#x2F;en.m.wikipedia.org&#x2F;wiki&#x2F;EDNS_Client_Subnet</a>

this idyllic vision presupposes the existence of the Ministry of Truth under which root zones would be managed. Alas, this is not the case &#x2F;s