Re: The problem I see with DNSSEC as a potential end user and administrator.

" Ondřej Surý " <ondrej.sury@nic.cz> Fri, 08 August 2008 12:07 UTC

Message-ID: <e90946380808080501p2859b4b8ma406d848f0a08d3@mail.gmail.com>
Date: Fri, 08 Aug 2008 14:01:20 +0200
From: Ondřej Surý <ondrej.sury@nic.cz>
To: Namedroppers <namedroppers@ops.ietf.org>
Subject: Re: The problem I see with DNSSEC as a potential end user and administrator.
In-Reply-To: <20080808102132.GO18233@zaphods.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: base64
Content-Disposition: inline
References: <489BE047.1010100@e164.org> <e90946380808080203g65c99a72meca9db15c1194df1@mail.gmail.com> <489C0E08.3040406@e164.org> <e90946380808080218n7acddd46gd99d39fa71edcb26@mail.gmail.com> <489C112A.8000306@e164.org> <e90946380808080232w756e1123u2237fa1ac846173f@mail.gmail.com> <489C140C.60205@e164.org> <e90946380808080252r35e88807v15e904d10c73cb76@mail.gmail.com> <20080808102132.GO18233@zaphods.net>
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk

2008/8/8 Stefan Schmidt <zaphodb@zaphods.net>:
> On Fri, Aug 08, 2008 at 11:52:08AM +0200, Ond??ej SurÃ½ wrote:
>> > What was, is meaningless to those that don't know or care, what is, is
>> > all that matters if you are trying to sell DNSSEC to the unwashed masses
>> > that aren't drinking the koolaid.
>>
>> Well, we don't need to sell it to masses.  We just need to educated registrars,
>> ISPs and big zone hosters, where people with (at least some) clue works.
>> And that's something what we are working on.
>
> If you don't deploy it to a hundred percent it simply won't be 'the solution'
> to the spoofing and man-in-the-middle problem as some people here like to
> think. Saturation is important to the success of a protocol, think of blueray
> vs. hd-dvd so you need not only to address the forbes500 but also
> www.mylittlewebsitethatsellsstuff.cctld, that kind of thing is often run by
> small companys that lack the clue you want people to have.

That's the reason why to talk to registrars, webhosters and zone hosters (which
is almost the same people here).  That way you hit not only top companies
but also lots and lots of small folks.

Ondrej
-- 
 OndÅej SurÃ½
 technickÃ½ Åeditel/Chief Technical Officer
 -----------------------------------------
 CZ.NIC, z.s.p.o. -- .cz domain registry
 AmerickÃ¡ 23,120 00 Praha 2,Czech Republic
 mailto:ondrej.sury@nic.cz http://nic.cz/
 sip:ondrej.sury@nic.cz tel:+420.222745110
 mob:+420.739013699 fax:+420.222745112
 -----------------------------------------
¶§²æìr¸zÇ§u©²Æ zÚ'jg®iz»+z«²Ú)²'~àÂ+a¶°¢·nË±Êâmè§jÈ§W¥w²Ø^ë,j{[¡ÜÈb½èm¶ÿ¢"z×è®åËlþv¦yÚè¦«³

The problem I see with DNSSEC as a potential end … Duane
Re: The problem I see with DNSSEC as a potential … David Ulevitch
Re: list policies Duane at e164 dot org
Re: The problem I see with DNSSEC as a potential … Duane at e164 dot org
Re: The problem I see with DNSSEC as a potential … Ondřej Surý
Re: The problem I see with DNSSEC as a potential … Duane at e164 dot org
Re: The problem I see with DNSSEC as a potential … Ondřej Surý
Re: The problem I see with DNSSEC as a potential … Duane at e164 dot org
Re: The problem I see with DNSSEC as a potential … Ondřej Surý
Re: The problem I see with DNSSEC as a potential … Duane at e164 dot org
Re: The problem I see with DNSSEC as a potential … Olaf Kolkman
Re: The problem I see with DNSSEC as a potential … Stefan Schmidt
Re: The problem I see with DNSSEC as a potential … Ralf Weber
Re: The problem I see with DNSSEC as a potential … Duane at e164 dot org
Re: The problem I see with DNSSEC as a potential … Ondřej Surý
Re: list policies bmanning
Re: list policies Duane at e164 dot org