Re: [DNSOP] Should root-servers.net be signed

Paul Vixie <vixie@isc.org> Fri, 19 March 2010 20:08 UTC

Return-Path: <vixie@vix.com>
X-Original-To: dnsop@core3.amsl.com
Delivered-To: dnsop@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6ECD53A69A1 for <dnsop@core3.amsl.com>; Fri, 19 Mar 2010 13:08:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.93
X-Spam-Level:
X-Spam-Status: No, score=-1.93 tagged_above=-999 required=5 tests=[AWL=-0.461, BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b+sPyjsz3Jrw for <dnsop@core3.amsl.com>; Fri, 19 Mar 2010 13:08:00 -0700 (PDT)
Received: from nsa.vix.com (nsa.vix.com [IPv6:2001:4f8:3:bb:230:48ff:fe5a:2f38]) by core3.amsl.com (Postfix) with ESMTP id B933C3A69A2 for <dnsop@ietf.org>; Fri, 19 Mar 2010 13:07:58 -0700 (PDT)
Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id CAB02B39F3 for <dnsop@ietf.org>; Fri, 19 Mar 2010 20:08:08 +0000 (UTC) (envelope-from vixie@nsa.vix.com)
From: Paul Vixie <vixie@isc.org>
To: dnsop@ietf.org
In-Reply-To: Your message of "Fri, 19 Mar 2010 12:48:24 MST." <9B17C765-036B-40BD-B05A-E1A3E4582D91@ICSI.Berkeley.EDU>
References: <2AA0F45200E147D1ADC86A4B373C3D46@localhost><0E169711-92DC-4AEA-AA81-718F298D1645@hopcount.ca><alpine.LSU.2.00.1003081614480.1897@hermes-2.csi.cam.ac.uk><A2D7C5EE-9937-4529-A28F-23296485A8B2@hopcount.ca><43FC3F50679F458A869F99D72ECD1237@localhost><20100309151726.GC5108@dul1mcmlarson-l1-2.local> <6C56581E-D4F4-4A49-A3B4-CB7F1CF42E29@icsi.berkeley.edu> <183BEF785A9844F186558A87848A6698@localhost> <061F30F4-E0EE-40E6-A54D-246D9E9A9D77@ICSI.Berkeley.EDU> <6D6F580F8CFB4DB5AB32566FB608088D@localhost> <57BC5F21-B1EE-4D06-BB1B-3DC8582D0D87@ICSI.Berkeley.EDU> <03CF4A3B5B374C4C858DEEB2D66C0702@localhost> <AA116C2A-CCFC-4177-A43A-B3AA066B3C3C@ICSI.Berkeley.EDU> <7F872C0CAA544F9480BF49438AAFA3BF@localhost> <68584293-648A-4F4E-8731-785E8F4D38B7@ICSI.Berkeley.EDU> <662061674DB34DB395F519F52B0C4C35@localhost> <9B17C765-036B-40BD-B05A-E1A3E4582D91@ICSI.Berkeley.EDU>
X-Mailer: MH-E 8.1; nil; GNU Emacs 22.2.1
Date: Fri, 19 Mar 2010 20:08:08 +0000
Message-ID: <56484.1269029288@nsa.vix.com>
Sender: vixie@vix.com
Subject: Re: [DNSOP] Should root-servers.net be signed
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Mar 2010 20:08:01 -0000

> From: Nicholas Weaver <nweaver@ICSI.Berkeley.EDU>
> Date: Fri, 19 Mar 2010 12:48:24 -0700
> ...
> Enshrining "tho shalt never fragment" into the Internet Architecture is
> dangerous, and will cause far MORE problems. Having something which
> regularly exercises fragmentation as critical to the infrastructure and
> we wouldn't have this problem where 10% of the resolvers are broken WRT
> fragmentation.

+1.