Re: OFFTOPIC: DNSSEC groupthink versus improving DNS

Duane at e164 dot org <duane@e164.org> Fri, 08 August 2008 09:50 UTC

Message-ID: <489C1605.2040408@e164.org>
Date: Fri, 08 Aug 2008 19:46:45 +1000
From: Duane at e164 dot org <duane@e164.org>
User-Agent: Thunderbird 2.0.0.16 (X11/20080724)
MIME-Version: 1.0
To: Ondřej Surý <ondrej.sury@nic.cz>
CC: namedroppers@ops.ietf.org
Subject: Re: OFFTOPIC: DNSSEC groupthink versus improving DNS
References: <489AD5E3.20708@nlnetlabs.nl> <20080807134236.GA19024@outpost.ds9a.nl> <E3BF6308-12F6-4269-B949-2853E5E8F607@eng.colt.net> <489BF4C8.9000309@e164.org> <e90946380808080214w431d9298rf819b8b96c7fca3f@mail.gmail.com> <e90946380808080215v2f8e25a8pffe0b9ddb308daab@mail.gmail.com>
In-Reply-To: <e90946380808080215v2f8e25a8pffe0b9ddb308daab@mail.gmail.com>

Ondřej Surý wrote:

> Did you imagine how this would impact root and tld servers (well and
> registrars and others) servers
> if everybody would do this?

I highly doubt everyone will do this. Then again, everyone keeps going on
about end-to-end verification, and the end user talking directly to
authority name servers would get rid of the whole issue over cache
poisoning altogether. It wouldn't mitigate ISP attacks, but then again Paul
Vixie wasn't looking to fight that battle in a previous email thread.

Web caches/proxies for the most part have gone away; site owners that do
large amounts of hits didn't bemoan how bad that was. Why do we still
cling to the notion that we must at all costs use DNS caches?

-- 

Best regards,
 Duane

