Re: [Danish] Proposed WG Charter

Viktor Dukhovni <ietf-dane@dukhovni.org> Tue, 15 June 2021 01:34 UTC

Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: danish@ietfa.amsl.com
Delivered-To: danish@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC0823A18F3 for <danish@ietfa.amsl.com>; Mon, 14 Jun 2021 18:34:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fw4cvvgf2Srs for <danish@ietfa.amsl.com>; Mon, 14 Jun 2021 18:34:32 -0700 (PDT)
Received: from straasha.imrryr.org (straasha.imrryr.org [100.2.39.101]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE4D13A18F0 for <danish@ietf.org>; Mon, 14 Jun 2021 18:34:32 -0700 (PDT)
Received: by straasha.imrryr.org (Postfix, from userid 1001) id C28E4C541A; Mon, 14 Jun 2021 21:34:30 -0400 (EDT)
Date: Mon, 14 Jun 2021 21:34:30 -0400
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: danish@ietf.org
Message-ID: <YMgDpgoFw/7YS5zn@straasha.imrryr.org>
Reply-To: danish@ietf.org
References: <CAEfM=vRA4P7As25Krc64Q5QTEuQZidpmzWgXWivOxOm8x-9ZAw@mail.gmail.com> <YMZwG/l/pne2tHJF@straasha.imrryr.org> <4978.1623625466@localhost> <A0ECC05F-14D3-4370-B3CF-B27DCE94F613@vpnc.org> <CAEfM=vRO6MuirYSBnD+1UeAjKycaPXaJBSrmmRUB5y9x_fX_oQ@mail.gmail.com> <YMftxgW6NhcKfhZV@straasha.imrryr.org> <CAHPuVdVA40xVt49C5vjz=30fYkj1EUHAQrw2X5F9mrEt6_=bTA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAHPuVdVA40xVt49C5vjz=30fYkj1EUHAQrw2X5F9mrEt6_=bTA@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/danish/dehK7AGmNPAwHKgAt_XMBuS7z5w>
Subject: Re: [Danish] Proposed WG Charter
X-BeenThere: danish@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <danish.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/danish>, <mailto:danish-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/danish/>
List-Post: <mailto:danish@ietf.org>
List-Help: <mailto:danish-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/danish>, <mailto:danish-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jun 2021 01:34:34 -0000

On Mon, Jun 14, 2021 at 08:59:45PM -0400, Shumon Huque wrote:

> I can also say from personal experience that deploying DNSSEC in
> a large complex enterprise remains extremely challenging. Some of the
> largest commercial DNS providers in the world have had constant
> challenges handling the scale of my employer's signed DNS (ask me
> offline sometime and I'll spill the beans). And just a few weeks ago, I
> found another critical DNSSEC bug in one of the major open source
> DNS implementations.

For new applications one need not sign an existing legacy domain,
it is easy to register a new dedicated domain that's signed from
the getgo.

There may be some minor obstacles along the way, but it rather looks
like the software stacks are or will soon be ready to meet them head on.

The specs produced by DANISH will not change the world overnight, the
design should not be anchored in the past.

-- 
    Viktor.