I find this more interesting not from a SOPA standpoint but because comcast has in the past given me false responses instead of NXDOMAIN. Anyone happen to know if this could prevent such a thing, or at least provide a mechanism of testing for it other than blacklisting an IP?
They would have to give some kind of error code that indicates that the DNS server isn't working. Any false assertion about DNS results, including false NXDOMAIN responses, will break DNSSEC (your computer would notice that the response has been forged).
