IETF Logo Mail Archive

Re: [dnsext] we need help to make names the same, was draft-yao-dnsext-identical-resolution-02 comment

Phillip Hallam-Baker <hallam@gmail.com> Thu, 24 February 2011 13:17 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: dnsext@core3.amsl.com
Delivered-To: dnsext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BD1473A6806 for <dnsext@core3.amsl.com>; Thu, 24 Feb 2011 05:17:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.565
X-Spam-Level:
X-Spam-Status: No, score=-3.565 tagged_above=-999 required=5 tests=[AWL=0.033, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l7XExX9A7Eep for <dnsext@core3.amsl.com>; Thu, 24 Feb 2011 05:17:25 -0800 (PST)
Received: from mail-bw0-f44.google.com (mail-bw0-f44.google.com [209.85.214.44]) by core3.amsl.com (Postfix) with ESMTP id 4792C3A6ADE for <dnsext@ietf.org>; Thu, 24 Feb 2011 05:17:25 -0800 (PST)
Received: by bwz13 with SMTP id 13so1215597bwz.31 for <dnsext@ietf.org>; Thu, 24 Feb 2011 05:18:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=OIs26NreKAJfdYW9wacDCmHFXVuJjC4OKbtSaD+CVT4=; b=Ex2Uy98FmSTaqyCPByknPvXN+UAIv399Ne06C+jBfpl0PL4ur4llcjM1pbW94MR2De GYFbiNEDR6BCtb+A6RgaRN2wnhmhoeL9yHavaCZ0ls5x/Fl77HkkDTYwe3EHGl0IQLF5 pz8ugNPTpE5eV5ASaBwjS6vhOCYdBuODuP3uo=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=Uqrk/RvLWgRmBfRcgSiZR1ru96VDQIPNHszsrymddXXEoDe28oAGQly7Poprr6wgSO KsATguWA9YqZzLbnDLJAzelultzZZZ9O6AXWfJbUTAdqeLhfOZUbKdCvlMigGFO7eMDY z7Rocmf4vqipYeadPxjS/BXrs3drJ5l35exmU=
MIME-Version: 1.0
Received: by 10.204.72.194 with SMTP id n2mr733727bkj.128.1298553469867; Thu, 24 Feb 2011 05:17:49 -0800 (PST)
Received: by 10.204.14.139 with HTTP; Thu, 24 Feb 2011 05:17:49 -0800 (PST)
In-Reply-To: <alpine.LSU.2.00.1102241248230.27602@hermes-1.csi.cam.ac.uk>
References: <20110216165921.GW96213@shinkuro.com> <3B90ED2E-980D-4B01-889F-447D66D0B58D@insensate.co.uk> <20110216174011.GZ96213@shinkuro.com> <20110218143653.GC84482@bikeshed.isc.org> <20110218151209.GF66684@shinkuro.com> <4D5EEE09.4080405@dougbarton.us> <20110218222950.GL74065@shinkuro.com> <4D5F270F.20401@abenaki.wabanaki.net> <199C7B2B4228461FB024E59A990DB46D@ics.forth.gr> <4D641DB6.4090705@necom830.hpcl.titech.ac.jp> <20110222205617.GS53815@shinkuro.com> <4D64489B.7020901@necom830.hpcl.titech.ac.jp> <713D992A-1DB9-4F72-9D18-8E923AD51D8D@icsi.berkeley.edu> <AANLkTikf2ixw7JkxQiRBobv-seYnaYS0E3G8TboosnA=@mail.gmail.com> <alpine.LSU.2.00.1102231029260.27602@hermes-1.csi.cam.ac.uk> <AANLkTin6-mXBeKC_TzgvWUaCyxKfeZxTK1BQvXtpwuCN@mail.gmail.com> <4CC95816-8225-4CAE-897F-3F13F965BCEE@ICSI.Berkeley.EDU> <alpine.LSU.2.00.1102240953550.5244@hermes-1.csi.cam.ac.uk> <AANLkTiniVDDZXFOV4WryNN=+hK29rBO8_HTAqw7bK=Nf@mail.gmail.com> <alpine.LSU.2.00.1102241248230.27602@hermes-1.csi.cam.ac.uk>
Date: Thu, 24 Feb 2011 08:17:49 -0500
Message-ID: <AANLkTikZYBYyRKkZzMCuCJbVpqLx-2BBYW3TSMQ8ZL81@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Tony Finch <dot@dotat.at>
Content-Type: multipart/alternative; boundary="001636d34b9f4b17d1049d070a55"
Cc: dnsext@ietf.org
Subject: Re: [dnsext] we need help to make names the same, was draft-yao-dnsext-identical-resolution-02 comment
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Feb 2011 13:17:26 -0000

On Thu, Feb 24, 2011 at 7:52 AM, Tony Finch <dot@dotat.at> wrote:

> On Thu, 24 Feb 2011, Phillip Hallam-Baker wrote:
> >
> > Why would I need a time machine? You still don't have anyone actually
> using
> > DNSSEC for production?
>
> Speak for yourself. We're using it in cam.ac.uk and so are our friends at
> ic.ac.uk. Large amounts of cz is signed.


Generating signatures is one thing.

You don't have a deployment until you have people verifying the signatures
and the results affect their behavior.



> > That would be a totally bizarre response to a requirement that is
> nonsense.
>
> Why is data origin authentication of dynamic replies nonsense?


I was referring to the original requirement driving this proposal, making
'names resolve the same'.


-- 
Website: http://hallambaker.com/

v2.23.0 | Report a Bug | By Email