Re: [dnsext] comments on draft-crocker-dnssec-algo-signal-03

bert hubert <bert.hubert@gmail.com> Wed, 29 July 2009 21:40 UTC

On Wed, Jul 29, 2009 at 12:56 PM, Michael Graff <mgraff@isc.org> wrote:
> Let me state some reasons I'm opposed to this draft's purpose, even though I
> think some part of it would be very interesting to pursue.

To add my reason why I'm opposed to this draft (versus its purpose):
The complexity of DNSSEC is already of such stunning magnitude that
almost anything that makes it even more complex better have an
earth-shatteringly good reason going for it.

And in this case, I'm not convinced selecting algorithms is the only
way to go - it may in fact be better to simply pick algorithms well,
and not choose too many.

It may be that my state of mind is influenced by trying to implement
NSEC3 processing - but when that is done, I don't think my opinion of
DNSSEC complexity, and it being too complex already, is going to
change.

     Bert
