IETF Logo Mail Archive

Re: OFFTOPIC: DNSSEC groupthink versus improving DNS

Duane <duane@e164.org> Fri, 08 August 2008 01:08 UTC

Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B03DB3A6C17; Thu, 7 Aug 2008 18:08:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.495
X-Spam-Level:
X-Spam-Status: No, score=-0.495 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0FZbmSYr0eN5; Thu, 7 Aug 2008 18:08:03 -0700 (PDT)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id DA6733A682A; Thu, 7 Aug 2008 18:08:02 -0700 (PDT)
Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1KRGNr-0009oI-SQ for namedroppers-data@psg.com; Fri, 08 Aug 2008 01:03:12 +0000
Received: from [208.82.100.153] (helo=mail.aus-biz.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from <duane@e164.org>) id 1KRGNo-0009nl-C3 for namedroppers@ops.ietf.org; Fri, 08 Aug 2008 01:03:10 +0000
Received: from [192.168.100.244] (dsl-48-19.qld1.net.au [125.168.48.19]) (using SSLv3 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mail.aus-biz.com (Postfix) with ESMTPSA id 7B2E1FF26C; Fri, 8 Aug 2008 11:03:09 +1000 (EST)
Message-ID: <489B9B48.4090605@e164.org>
Date: Fri, 08 Aug 2008 11:03:04 +1000
From: Duane <duane@e164.org>
User-Agent: Thunderbird 2.0.0.16 (X11/20080724)
MIME-Version: 1.0
To: Olaf Kolkman <olaf@NLnetLabs.nl>
CC: bert hubert <bert.hubert@netherlabs.nl>, Namedroppers <namedroppers@ops.ietf.org>
Subject: Re: OFFTOPIC: DNSSEC groupthink versus improving DNS
References: <489AD5E3.20708@nlnetlabs.nl> <20080807134236.GA19024@outpost.ds9a.nl> <F153E1C5-6E05-475A-897D-471398D161C9@NLnetLabs.nl>
In-Reply-To: <F153E1C5-6E05-475A-897D-471398D161C9@NLnetLabs.nl>
X-Enigmail-Version: 0.95.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>

Olaf Kolkman wrote:

> Imagine a person that has spend considerable amount of time, money and
> energy in implementing DNSSEC in servers, tools and libraries; has
> 'evanginered' DNSSEC for years in a consistently balanced way,
> recognizing that implementing DNSSEC is far from easy; and has provided
> multiple pieces of documentation. In other words a person who has put
> the money where the mouth is.

You summed it up so nicely, they have put so much time and effort into
this that they can't see if there are other options because they are
blinded by the blinkers they have on, to go forward no matter what the
cost or no matter what other solutions could solve the same problem.

> How would such person defend against being assessed to suffer from
> groupthink or tunnelvission?

All I've heard lately is shouts of enable DNSSEC now, or die, frankly
I'm not very moved by them nor anyone else I know, it's 2008 and DNSSEC
is using a model even X.509 threw out years ago and has been trying to
fix every since.

-- 

Best regards,
 Duane

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

v2.23.0 | Report a Bug | By Email