IETF Logo Mail Archive

Re: The problem I see with DNSSEC as a potential end user and administrator.

Duane at e164 dot org <duane@e164.org> Fri, 08 August 2008 09:31 UTC

Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4E2EC3A6CB5; Fri, 8 Aug 2008 02:31:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.337
X-Spam-Level:
X-Spam-Status: No, score=-0.337 tagged_above=-999 required=5 tests=[AWL=-0.142, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bcWx1WEcwxVj; Fri, 8 Aug 2008 02:31:01 -0700 (PDT)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 70D403A6CA3; Fri, 8 Aug 2008 02:31:01 -0700 (PDT)
Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1KROEe-000BI5-8m for namedroppers-data@psg.com; Fri, 08 Aug 2008 09:26:12 +0000
Received: from [208.82.100.153] (helo=mail.aus-biz.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from <duane@e164.org>) id 1KROEa-000BHI-C1 for namedroppers@ops.ietf.org; Fri, 08 Aug 2008 09:26:09 +0000
Received: from [192.168.100.244] (dsl-48-19.qld1.net.au [125.168.48.19]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mail.aus-biz.com (Postfix) with ESMTPSA id C21EDFF26C; Fri, 8 Aug 2008 19:26:05 +1000 (EST)
Message-ID: <489C112A.8000306@e164.org>
Date: Fri, 08 Aug 2008 19:26:02 +1000
From: Duane at e164 dot org <duane@e164.org>
User-Agent: Thunderbird 2.0.0.16 (X11/20080724)
MIME-Version: 1.0
To: Ondřej Surý <ondrej.sury@nic.cz>, Namedroppers <namedroppers@ops.ietf.org>, Mark Andrews <Mark_Andrews@isc.org>, Paul Vixie <paul@vix.com>, bert hubert <bert.hubert@netherlabs.nl>
Subject: Re: The problem I see with DNSSEC as a potential end user and administrator.
References: <489BE047.1010100@e164.org> <e90946380808080203g65c99a72meca9db15c1194df1@mail.gmail.com> <489C0E08.3040406@e164.org> <e90946380808080218n7acddd46gd99d39fa71edcb26@mail.gmail.com>
In-Reply-To: <e90946380808080218n7acddd46gd99d39fa71edcb26@mail.gmail.com>
X-Enigmail-Version: 0.95.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>

Ondřej Surý wrote:
> 2008/8/8 Duane at e164 dot org <duane@e164.org>:
>> Ondřej Surý wrote:
>>
>>> I know that it does add more burder of shoulder of any sysadmin, but
>>> is it really so much - add a cron job and some monitoring script and
>>> you are done?
>> at some point you load the beasts of burden up with so much work that
>> one extra piece of straw is all that is needed or takes to break the
>> poor animals back.
> 
> But now is starts to be only rhethorical discussion.  Have you calculated
> how much additional work it would be for you?  Using right tools for it
> (like dnssec-tools[1] or ZKT[2])?

If I have to go out of my way to learn about this stuff you again have
shown it is neither straight forward nor simple to do.

Until I can type a single command (or no commands) that sets everything
up I really can't be bothered, since there is no perceived benefit in
doing so for me.

-- 

Best regards,
 Duane


--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

v2.23.0 | Report a Bug | By Email