IETF Logo Mail Archive

Re: The problem I see with DNSSEC as a potential end user and administrator.

Duane at e164 dot org <duane@e164.org> Fri, 08 August 2008 09:42 UTC

Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D70A73A68FF; Fri, 8 Aug 2008 02:42:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.331
X-Spam-Level:
X-Spam-Status: No, score=-0.331 tagged_above=-999 required=5 tests=[AWL=-0.136, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pGufrcIvK46Y; Fri, 8 Aug 2008 02:42:27 -0700 (PDT)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 0C18C3A68C0; Fri, 8 Aug 2008 02:42:27 -0700 (PDT)
Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1KROQW-000CzN-Ir for namedroppers-data@psg.com; Fri, 08 Aug 2008 09:38:28 +0000
Received: from [208.82.100.153] (helo=mail.aus-biz.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from <duane@e164.org>) id 1KROQS-000CyT-L7 for namedroppers@ops.ietf.org; Fri, 08 Aug 2008 09:38:26 +0000
Received: from [192.168.100.244] (dsl-48-19.qld1.net.au [125.168.48.19]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mail.aus-biz.com (Postfix) with ESMTPSA id 692ADFF26C; Fri, 8 Aug 2008 19:38:22 +1000 (EST)
Message-ID: <489C140C.60205@e164.org>
Date: Fri, 08 Aug 2008 19:38:20 +1000
From: Duane at e164 dot org <duane@e164.org>
User-Agent: Thunderbird 2.0.0.16 (X11/20080724)
MIME-Version: 1.0
To: Ondřej Surý <ondrej.sury@nic.cz>
CC: Namedroppers <namedroppers@ops.ietf.org>, Mark Andrews <Mark_Andrews@isc.org>, Paul Vixie <paul@vix.com>, bert hubert <bert.hubert@netherlabs.nl>
Subject: Re: The problem I see with DNSSEC as a potential end user and administrator.
References: <489BE047.1010100@e164.org> <e90946380808080203g65c99a72meca9db15c1194df1@mail.gmail.com> <489C0E08.3040406@e164.org> <e90946380808080218n7acddd46gd99d39fa71edcb26@mail.gmail.com> <489C112A.8000306@e164.org> <e90946380808080232w756e1123u2237fa1ac846173f@mail.gmail.com>
In-Reply-To: <e90946380808080232w756e1123u2237fa1ac846173f@mail.gmail.com>
X-Enigmail-Version: 0.95.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>

Ondřej Surý wrote:

> So when you installed your DNS server infrastructure, was it just
> some "magic" command which caused all your domain names to be server
> by that servers?  Or did you have to make changes to config files,
> generate TSIG keys, configure primary, configure slaves, add zones
> to config file...

apt-get scripts either prompt for more information or pre-config nearly
everything out of the box.

> I see kind of analogy here.  Available tools are bit rough at this time,
> but it's magnituted better that it was half a year ago.

What was, is meaningless to those that don't know or care, what is, is
all that matters if you are trying to sell DNSSEC to the unwashed masses
that aren't drinking the koolaid.

-- 

Best regards,
 Duane


--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

v2.23.0 | Report a Bug | By Email