Re: [dnsext] TTL on DS records
Andrew Sullivan <ajs@anvilwalrusden.com> Sat, 21 February 2015 12:21 UTC
Return-Path: <ajs@anvilwalrusden.com>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF7691A6FEB for <dnsext@ietfa.amsl.com>; Sat, 21 Feb 2015 04:21:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.559
X-Spam-Level: **
X-Spam-Status: No, score=2.559 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HELO_MISMATCH_INFO=1.448, HOST_MISMATCH_NET=0.311] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eeKBRe_wz5xS for <dnsext@ietfa.amsl.com>; Sat, 21 Feb 2015 04:21:08 -0800 (PST)
Received: from mx1.yitter.info (ow5p.x.rootbsd.net [208.79.81.114]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D0541A6FE9 for <dnsext@ietf.org>; Sat, 21 Feb 2015 04:21:08 -0800 (PST)
Received: from mx1.yitter.info (unknown [50.189.173.0]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.yitter.info (Postfix) with ESMTPSA id EDAC08A035 for <dnsext@ietf.org>; Sat, 21 Feb 2015 12:21:05 +0000 (UTC)
Date: Sat, 21 Feb 2015 07:21:04 -0500
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: dnsext@ietf.org
Message-ID: <20150221122103.GJ13877@mx1.yitter.info>
References: <FB3C26C9-BC39-4819-9BE8-167E2A3711B7@verisign.com> <54E862FF.1080808@blipp.com> <CFE90DD0-9AD1-469F-8272-20C9443056FD@frobbit.se>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <CFE90DD0-9AD1-469F-8272-20C9443056FD@frobbit.se>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsext/gnDwkWO1XfAsrbhz6u9IcWjjINg>
Subject: Re: [dnsext] TTL on DS records
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext/>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Feb 2015 12:21:09 -0000
On Sat, Feb 21, 2015 at 12:15:29PM +0100, Patrik Fältström wrote: > > My personal view is that the TTL for the DS should be really short. This would be yet another reason for people not to turn on validation, because validating will become an excellent way to increase latency in page loading. It seems to me that you want to defend against one problem (lousy operator) by creating a new one (poor caching). I'm not convinced that's an excellent trade off. A -- Andrew Sullivan ajs@anvilwalrusden.com
- [dnsext] TTL on DS records Wessels, Duane
- Re: [dnsext] TTL on DS records Patrik Wallström
- Re: [dnsext] TTL on DS records Patrik Fältström
- Re: [dnsext] TTL on DS records Andrew Sullivan
- Re: [dnsext] TTL on DS records Patrik Fältström
- Re: [dnsext] TTL on DS records Eric Brunner-Williams
- Re: [dnsext] TTL on DS records Patrik Fältström
- Re: [dnsext] TTL on DS records Ralf Weber
- Re: [dnsext] TTL on DS records Andrew Sullivan
- Re: [dnsext] TTL on DS records Olafur Gudmundsson
- Re: [dnsext] TTL on DS records Andrew Sullivan
- Re: [dnsext] TTL on DS records Ralf Weber