IETF Logo Mail Archive

Re: [DNSOP] Fwd: New Version Notification for draft-pan-dnsop-swild-rr-type-00.txt

Paul Vixie <paul@redbarn.org> Wed, 16 August 2017 07:05 UTC

Return-Path: <paul@redbarn.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF084132397 for <dnsop@ietfa.amsl.com>; Wed, 16 Aug 2017 00:05:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w52nQjMhrN7u for <dnsop@ietfa.amsl.com>; Wed, 16 Aug 2017 00:05:32 -0700 (PDT)
Received: from family.redbarn.org (family.redbarn.org [IPv6:2001:559:8000:cd::5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C48C6120713 for <dnsop@ietf.org>; Wed, 16 Aug 2017 00:05:32 -0700 (PDT)
Received: from [IPv6:2001:559:8000:c9:fcd9:f67b:792b:7f95] (unknown [IPv6:2001:559:8000:c9:fcd9:f67b:792b:7f95]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by family.redbarn.org (Postfix) with ESMTPSA id AE08C61FF3; Wed, 16 Aug 2017 07:05:32 +0000 (UTC)
Message-ID: <5993EEBC.9040908@redbarn.org>
Date: Wed, 16 Aug 2017 00:05:32 -0700
From: Paul Vixie <paul@redbarn.org>
User-Agent: Postbox 5.0.16 (Windows/20170718)
MIME-Version: 1.0
To: Mukund Sivaraman <muks@isc.org>
CC: dnsop <dnsop@ietf.org>
References: <149908054910.760.8140876567010458934.idtracker@ietfa.amsl.com> <CANLjSvU23OPMM=cETxBiV7j8UhMzMd426VuivxAtboMAB0=7jw@mail.gmail.com> <alpine.DEB.2.11.1707031317070.21595@grey.csi.cam.ac.uk> <CANLjSvXE4q9PSEc4txKM4OPKXVpT38N_PC2-fDHmihpk29ahcw@mail.gmail.com> <1197245d-6b9a-3c3b-82a0-dc6a1cc3de58@nic.cz> <CANLjSvVe99q4vtTW0TRopmQ0s9hC8HdMze5B6COs8Y_3unir5w@mail.gmail.com> <CAAiTEH8ntOerB6MGKMS2xcCK3TL9n4fyLq6F+bpUY6oTUpWN8w@mail.gmail.com> <20170816054539.GA12897@jurassic> <5993E664.2070107@redbarn.org> <20170816063843.GA16977@jurassic>
In-Reply-To: <20170816063843.GA16977@jurassic>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/4Mclxn2SeT0bPknx6c5w1SlJNLo>
Subject: Re: [DNSOP] Fwd: New Version Notification for draft-pan-dnsop-swild-rr-type-00.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Aug 2017 07:05:34 -0000


Mukund Sivaraman wrote:
> On Tue, Aug 15, 2017 at 11:29:56PM -0700, Paul Vixie wrote:
>> we should give up.
>>
>> or we shouldn't.
>>
>> not a mixture.
>
> I'm not saying we should give up.. but it's going to be a while before
> we get to an utopia of maximal DNSSEC deployment. In the meantime, there
> are practical problems that need mitigation.

anybody who needs secure denial of existence, of wildcards or other 
data, should deploy dnssec.

anybody who needs their networking partners to have this, should urge 
their partners to deploy dnssec.

if we don't believe that this can be done, then we should give up on dnssec.

there is no middle road here.

-- 
P Vixie

v2.23.0 | Report a Bug | By Email