Re: [dnsext] enough is enough
Patrik Fältström <paf@frobbit.se> Mon, 22 December 2014 05:50 UTC
Return-Path: <paf@frobbit.se>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 408F81A8838 for <dnsext@ietfa.amsl.com>; Sun, 21 Dec 2014 21:50:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.261
X-Spam-Level:
X-Spam-Status: No, score=-1.261 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_SE=0.35, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nW-hox6hABpB for <dnsext@ietfa.amsl.com>; Sun, 21 Dec 2014 21:50:37 -0800 (PST)
Received: from mail.frobbit.se (mail.frobbit.se [IPv6:2a02:80:3ffe::176]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E76AE1A0163 for <dnsext@ietf.org>; Sun, 21 Dec 2014 21:50:36 -0800 (PST)
Received: from [IPv6:2a02:80:3ffc::b0a7:8760:fd77:de4d] (unknown [IPv6:2a02:80:3ffc:0:b0a7:8760:fd77:de4d]) by mail.frobbit.se (Postfix) with ESMTPSA id 93F631FF88; Mon, 22 Dec 2014 06:50:34 +0100 (CET)
Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\))
Content-Type: multipart/signed; boundary="Apple-Mail=_B709CCBC-BC83-4C5B-8CD8-1B12F0F34DBD"; protocol="application/pgp-signature"; micalg="pgp-sha1"
X-Pgp-Agent: GPGMail 2.5b3
From: Patrik Fältström <paf@frobbit.se>
In-Reply-To: <20141221143310.GA28183@xs.powerdns.com>
Date: Mon, 22 Dec 2014 06:50:33 +0100
Message-Id: <5F95A9A0-EC70-4F3E-9527-373640F9BBD4@frobbit.se>
References: <20141220125805.GB20765@xs.powerdns.com> <20141220142506.C7EA12630502@rock.dv.isc.org> <A78F8417-AEA2-42BF-A7D5-96FE99DCBBBE@rfc1035.com> <20141220204337.4F47026313BC@rock.dv.isc.org> <7A31183A-CC1E-4F0A-A2EA-848B10B60A2B@insensate.co.uk> <E732A2F7-E467-4940-8A66-726FC894B4B3@frobbit.se> <20141221094454.GC13389@xs.powerdns.com> <55B7725D-1B11-4D8D-BDA3-43748E8E12A7@frobbit.se> <20141221143310.GA28183@xs.powerdns.com>
To: bert hubert <bert.hubert@netherlabs.nl>
X-Mailer: Apple Mail (2.1993)
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsext/BbMQqcoSbo5m-dUgClMyhlC5gd8
Cc: DNSEXT Group Working <dnsext@ietf.org>
Subject: Re: [dnsext] enough is enough
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext/>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Dec 2014 05:50:39 -0000
> On 21 dec 2014, at 15:33, bert hubert <bert.hubert@netherlabs.nl> wrote: > > On Sun, Dec 21, 2014 at 11:33:17AM +0100, Patrik Fältström wrote: >>> The domain x.y.z fails to resolve using our software, and we have determined >>> that this is because the software or hardware publishing the DNS details of >>> x.y.z is not conforming to the DNS standards. >> As Jim says, your idea is nice as it is, and there is nothing wrong with >> the email -- but we have no idea what so ever where to send it. > > Actually, as the authors of a resolver, we know exactly where to send it. To > the people telling me I need to fix my resolver so it works with broken > domain X. Ok, good. That is exactly what I claim is the most effective way of solving the issue. > And in turn, we've found that (together with resolver operators) we can > quickly find out what broken hardware or software is behind the issue - > Citrix Netscalers this time round. It helps if large operators (people with > tens of millions of customers) tell them they need to clean up their act. Yes. > The REAL issue right now is that we can't resist fixing a broken domain > "because it works with Google/Unbound/Bind/Microsoft, so you must fix it". > > What is needed is a pact that none of us will respect that argument on its > own if a domain actually should be broken. > >> The best path forward is I think still for you to publish clear and crisp >> information like this on your web page so that it is found when searching >> for help with Google and other search engines. >> >> I.e. as long as no one have any issues with the brokenness, it will not be fixed. > > Exactly. It should actually break therefore. If you own dodgy equipment or > use bad software, your domain should receive lots of reports of brokenness. > >> If not even TLDs are hosted correctly, and registry policies are such that >> it encourages broken DNS configurations, I feel there is not much The >> Protocol Police can do about it. > > I'm afraid this is true. But if all big implementation decide to no longer > play the game, the (mostly) load balancer implementations will have to clean > up their act. > > I also note that quite a lot of problems are AAAA related. This in itself is > an impediment to IPv6 adoption! Yes. Patrik
- [dnsext] Empty AA=0 AD=1 answers to AAAA queries:… bert hubert
- Re: [dnsext] Empty AA=0 AD=1 answers to AAAA quer… Mark Andrews
- Re: [dnsext] Empty AA=0 AD=1 answers to AAAA quer… bert hubert
- [dnsext] getting TLDs to fix other people's probl… Jim Reid
- Re: [dnsext] getting TLDs to fix other people's p… Mark Andrews
- Re: [dnsext] getting TLDs to fix other people's p… Lawrence Conroy
- Re: [dnsext] getting TLDs to fix other people's p… Patrik Fältström
- [dnsext] enough is enough bert hubert
- Re: [dnsext] getting TLDs to fix other people's p… Jim Reid
- Re: [dnsext] enough is enough Jim Reid
- Re: [dnsext] enough is enough Patrik Fältström
- Re: [dnsext] Empty AA=0 AD=1 answers to AAAA quer… Alex Bligh
- Re: [dnsext] enough is enough bert hubert
- Re: [dnsext] getting TLDs to fix other people's p… Jay Daley
- Re: [dnsext] enough is enough Mark Andrews
- Re: [dnsext] enough is enough Patrik Fältström
- Re: [dnsext] enough is enough Patrik Fältström
- Re: [dnsext] enough is enough Mark Andrews
- Re: [dnsext] enough is enough Patrik Fältström
- Re: [dnsext] enough is enough Stephane Bortzmeyer