General Discussion

Last edited Mon Mar 17, 2014, 08:53 AM - Edit history (2)

It would be difficult to censor the internet through the root DNS zone. For instance, if someone wanted to censor democraticunderground.com through the root zone, they would need to censor all of the .com TLD (top-level domain).

DNS (domain name system) is a hierarchy with the root zone at the top. The next level are the TLDs (top-level domains), such as .com, .edu, .gov, .uk, etc. Each level has an authority which is responsible for the next sub-level or levels.

It would look something like this:

(root)
|
-> com
|
-> com.apple
-> com.democraticunderground
-> com.microsoft
-> net
-> gov
|
-> gov.house
-> gov.senate
-> gov.whitehouse
-> uk
|
-> uk.co
|
-> uk.co.apple
-> uk.co.microsoft

The root level (or zone) contains links to the authoritative name servers for all the TLDs. Then each authoritative name server for a TLD contains links to the authoritative name servers under it. In order for someone at the root level to censor democraticunderground.com, they would need to point authority for all of the com zone somewhere else. And that would be very quickly noticed.

ISPs run their own DNS server which cache the DNS hierarchy as to not have to ask the root name servers for every resolution answer. An ISP, either themselves or under order of government, certainly could block a domain by resolving it to the wrong IP address. But they can do this now and the US not having complete control over the root zone doesn't change that in any way by making it easier or harder.