[DNSOP] DNSng-ish (was Re: key lengths for DNSSEC)
Andrew Sullivan <ajs@anvilwalrusden.com> Wed, 02 April 2014 23:31 UTC
Return-Path: <ajs@anvilwalrusden.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8A661A0428 for <dnsop@ietfa.amsl.com>; Wed, 2 Apr 2014 16:31:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.141
X-Spam-Level:
X-Spam-Status: No, score=-0.141 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_MISMATCH_INFO=1.448, HOST_MISMATCH_NET=0.311] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zUqbo2xMIi-6 for <dnsop@ietfa.amsl.com>; Wed, 2 Apr 2014 16:31:16 -0700 (PDT)
Received: from mx1.yitter.info (ow5p.x.rootbsd.net [208.79.81.114]) by ietfa.amsl.com (Postfix) with ESMTP id B0E831A041D for <dnsop@ietf.org>; Wed, 2 Apr 2014 16:31:14 -0700 (PDT)
Received: from mx1.yitter.info (c-75-69-155-67.hsd1.nh.comcast.net [75.69.155.67]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.yitter.info (Postfix) with ESMTPSA id F2E538A031 for <dnsop@ietf.org>; Wed, 2 Apr 2014 23:31:07 +0000 (UTC)
Date: Wed, 02 Apr 2014 19:31:06 -0400
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: dnsop@ietf.org
Message-ID: <20140402233105.GD56668@mx1.yitter.info>
References: <78F386B0-BC6B-4159-B9D4-4BFEB10252A6@rfc1035.com> <1D0A45EF-E5D3-468D-BA08-E45FEF4399DE@dnss.ec> <CAMm+LwgNoNhg7wSO+wqCGujBSfC4Fu3cwMPu2nTmkdvDwAD5Mw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAMm+LwgNoNhg7wSO+wqCGujBSfC4Fu3cwMPu2nTmkdvDwAD5Mw@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/5esBhGg-pR7UDgxWwJG1y8MGVlw
Subject: [DNSOP] DNSng-ish (was Re: key lengths for DNSSEC)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Apr 2014 23:31:20 -0000
On Wed, Apr 02, 2014 at 07:21:11PM -0400, Phillip Hallam-Baker wrote: > Which is why I have been pushing the notion that if we are going to do DNSE > then part of the DNSE solution should be to get us out of the single > response packet straightjacket. I've seen what you've had to say on that, and what I just don't understand yet is how that answer is deployable. That is, how is what you are suggesting there (and in your other discussions of this topic) not "replace DNS"? Or, if it is, why don't we just do a new protocol completely? We could fix the internationalization issues. We could ditch UDP and in a single blow eliminate a major source of DDoS on the Internet. And so on. The only problem is getting everyone to upgrade. No? A -- Andrew Sullivan ajs@anvilwalrusden.com
- Re: [DNSOP] key lengths for DNSSEC Phillip Hallam-Baker
- [DNSOP] key lengths for DNSSEC Jim Reid
- Re: [DNSOP] key lengths for DNSSEC Ted Lemon
- Re: [DNSOP] key lengths for DNSSEC Joe Abley
- [DNSOP] DNSng-ish (was Re: key lengths for DNSSEC) Andrew Sullivan
- Re: [DNSOP] key lengths for DNSSEC đź”’ Roy Arends
- Re: [DNSOP] key lengths for DNSSEC Phil Regnauld
- Re: [DNSOP] key lengths for DNSSEC Christopher Morrow
- Re: [DNSOP] key lengths for DNSSEC Christopher Morrow
- Re: [DNSOP] key lengths for DNSSEC Ted Lemon
- Re: [DNSOP] key lengths for DNSSEC Evan Hunt
- Re: [DNSOP] key lengths for DNSSEC Nicholas Weaver
- Re: [DNSOP] key lengths for DNSSEC Frederico A C Neves
- Re: [DNSOP] key lengths for DNSSEC Richard Lamb
- Re: [DNSOP] DNSng-ish (was Re: key lengths for DN… Phillip Hallam-Baker
- Re: [DNSOP] DNSng-ish (was Re: key lengths for DN… Andrew Sullivan
- Re: [DNSOP] DNSng-ish (was Re: key lengths for DN… Phillip Hallam-Baker
- Re: [DNSOP] DNSng-ish (was Re: key lengths for DN… Phillip Hallam-Baker
- Re: [DNSOP] key lengths for DNSSEC Tony Finch
- Re: [DNSOP] key lengths for DNSSEC Tony Finch
- [DNSOP] Signaling Cryptographic Algorithm Underst… Steve Crocker