IETF Logo Mail Archive

Re: OFFTOPIC: DNSSEC groupthink versus improving DNS

Duane <duane@e164.org> Fri, 08 August 2008 04:23 UTC

Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 48DB43A6AC4; Thu, 7 Aug 2008 21:23:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.495
X-Spam-Level:
X-Spam-Status: No, score=-0.495 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E7Xqn0vCamU9; Thu, 7 Aug 2008 21:23:34 -0700 (PDT)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 3FA5C3A691F; Thu, 7 Aug 2008 21:22:10 -0700 (PDT)
Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1KRJQT-0002OX-0N for namedroppers-data@psg.com; Fri, 08 Aug 2008 04:18:05 +0000
Received: from [208.82.100.153] (helo=mail.aus-biz.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from <duane@e164.org>) id 1KRJQP-0002Ns-2n for namedroppers@ops.ietf.org; Fri, 08 Aug 2008 04:18:02 +0000
Received: from [192.168.100.244] (dsl-48-19.qld1.net.au [125.168.48.19]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mail.aus-biz.com (Postfix) with ESMTPSA id B95DEFF26C; Fri, 8 Aug 2008 14:18:01 +1000 (EST)
Message-ID: <489BC8F2.3040204@e164.org>
Date: Fri, 08 Aug 2008 14:17:54 +1000
From: Duane <duane@e164.org>
User-Agent: Thunderbird 2.0.0.16 (X11/20080724)
MIME-Version: 1.0
To: Mark Andrews <Mark_Andrews@isc.org>
CC: Paul Vixie <vixie@isc.org>, Olaf Kolkman <olaf@NLnetLabs.nl>, bert hubert <bert.hubert@netherlabs.nl>, Namedroppers <namedroppers@ops.ietf.org>
Subject: Re: OFFTOPIC: DNSSEC groupthink versus improving DNS
References: <200808080409.m7849E6h006829@drugs.dv.isc.org>
In-Reply-To: <200808080409.m7849E6h006829@drugs.dv.isc.org>
X-Enigmail-Version: 0.95.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>

Mark Andrews wrote:
>> Mark Andrews wrote:
>>
>>> Validation in off machine caches is only there for the legacy machines.
>> That's always going to be an issue unless you can get all parties to
>> implement something better.
> 
> Well every PC owner can do this today.  It is not that hard to setup
> a on machine validating caching server and to configure the PC to use
> it.

Ok so you're saying these people that get suckered by internet/email
scams would be capable of setting this up properly?

> It's only administative inertia that stops people doing it today.

No, there is a lot more to it than that, most people don't understand
internet security, you know it's bad when most people get warm fuzzy
feelings over actions taken to make them feel secure, when the reality
is so far from the truth it's not funny.

-- 

Best regards,
 Duane

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

v2.23.0 | Report a Bug | By Email