[DNSOP] DNSSEC in local networks
Jim Reid <jim@rfc1035.com> Mon, 04 September 2017 08:26 UTC
Return-Path: <jim@rfc1035.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D05B1321AA for <dnsop@ietfa.amsl.com>; Mon, 4 Sep 2017 01:26:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PrCXg2_I6-5y for <dnsop@ietfa.amsl.com>; Mon, 4 Sep 2017 01:26:19 -0700 (PDT)
Received: from shaun.rfc1035.com (smtp.v6.rfc1035.com [IPv6:2001:4b10:100:7::25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D6051126D0C for <dnsop@ietf.org>; Mon, 4 Sep 2017 01:26:18 -0700 (PDT)
Received: from [156.106.225.18] (unknown [156.106.225.18]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by shaun.rfc1035.com (Postfix) with ESMTPSA id A3DC12421529; Mon, 4 Sep 2017 08:26:15 +0000 (UTC)
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
Content-Type: text/plain; charset="us-ascii"
From: Jim Reid <jim@rfc1035.com>
X-Priority: 3 (Normal)
In-Reply-To: <59f8c88caaf82a5884aa87223d49e7e4.1504505559@squirrel.mail>
Date: Mon, 04 Sep 2017 09:26:14 +0100
Cc: dnsop WG <dnsop@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <3B75D240-13B9-4A94-B56D-24E83B4A4A8F@rfc1035.com>
References: <150428805872.6417.9525310755360551475@ietfa.amsl.com> <59A9B760.2060209@mathemainzel.info> <alpine.DEB.2.11.1709012044210.2676@grey.csi.cam.ac.uk> <59A9BCA2.6060008@mathemainzel.info> <20170903043202.GA18082@besserwisser.org> <59AC4E42.9080600@mathemainzel.info> <60304450-DFA3-4982-B01D-CC33C49BDCFC@isc.org> <59f8c88caaf82a5884aa87223d49e7e4.1504505559@squirrel.mail>
To: "Walter H." <Walter.H@mathemainzel.info>
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/B4K_y9vLQK0_ER5BIks7wZTfFv0>
Subject: [DNSOP] DNSSEC in local networks
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Sep 2017 08:26:20 -0000
> On 4 Sep 2017, at 07:12, Walter H. <Walter.H@mathemainzel.info> wrote: > > by the way: why are you discussing about DNSSEC for names that are used > only locally? Why do you seem to assume there are never, ever any DNS security issues on the local net? Why would someone want to deliberately configure things to prevent DNSSEC-aware applications and resolvers from working on the local net?
- Re: [DNSOP] DNS names for local networks - not on… Walter H.
- [DNSOP] DNS names for local networks - not only h… Walter H.
- Re: [DNSOP] DNS names for local networks - not on… Tony Finch
- Re: [DNSOP] DNS names for local networks - not on… Paul Wouters
- Re: [DNSOP] DNS names for local networks - not on… Walter H.
- Re: [DNSOP] DNS names for local networks - not on… Walter H.
- Re: [DNSOP] DNS names for local networks - not on… Tony Finch
- Re: [DNSOP] DNS names for local networks - not on… Paul Wouters
- Re: [DNSOP] DNS names for local networks - not on… Andrew Sullivan
- Re: [DNSOP] DNS names for local networks - not on… Warren Kumari
- Re: [DNSOP] DNS names for local networks - not on… Ralph Droms
- Re: [DNSOP] DNS names for local networks - not on… Warren Kumari
- Re: [DNSOP] DNS names for local networks - not on… Paul Vixie
- Re: [DNSOP] DNS names for local networks - not on… Måns Nilsson
- Re: [DNSOP] DNS names for local networks - not on… Walter H.
- Re: [DNSOP] DNS names for local networks - not on… Walter H.
- Re: [DNSOP] DNS names for local networks - not on… Mark Andrews
- Re: [DNSOP] DNS names for local networks - not on… Paul Hoffman
- Re: [DNSOP] DNS names for local networks - not on… Walter H.
- [DNSOP] DNSSEC in local networks Jim Reid
- Re: [DNSOP] DNSSEC in local networks Walter H.
- Re: [DNSOP] DNS names for local networks - not on… Mark Andrews
- Re: [DNSOP] DNSSEC in local networks Mark Andrews
- Re: [DNSOP] DNSSEC in local networks Jim Reid
- Re: [DNSOP] DNSSEC in local networks Walter H.
- Re: [DNSOP] DNS names for local networks - not on… Måns Nilsson
- Re: [DNSOP] DNSSEC in local networks Mark Andrews
- Re: [DNSOP] DNSSEC in local networks Walter H.
- Re: [DNSOP] DNSSEC in local networks Petr Špaček
- Re: [DNSOP] DNS names for local networks - not on… Stephane Bortzmeyer
- Re: [DNSOP] DNS names for local networks - not on… Stephane Bortzmeyer
- Re: [DNSOP] DNSSEC in local networks Stephane Bortzmeyer
- Re: [DNSOP] DNSSEC in local networks Walter H.
- Re: [DNSOP] DNS names for local networks - not on… Walter H.
- Re: [DNSOP] DNSSEC in local networks Stephane Bortzmeyer
- Re: [DNSOP] DNSSEC in local networks Tony Finch
- Re: [DNSOP] DNSSEC in local networks Paul Vixie
- Re: [DNSOP] DNS names for local networks - not on… Tony Finch
- Re: [DNSOP] DNSSEC in local networks Mark Andrews
- Re: [DNSOP] DNSSEC in local networks Paul Vixie
- Re: [DNSOP] DNS names for local networks - not on… Michael H. Warfield
- Re: [DNSOP] DNS names for local networks - not on… Lyndon Nerenberg
- Re: [DNSOP] DNS names for local networks - not on… Mark Andrews
- Re: [DNSOP] DNS names for local networks - not on… Tony Finch
- Re: [DNSOP] DNSSEC in local networks Walter H.
- Re: [DNSOP] DNSSEC in local networks Walter H.
- Re: [DNSOP] DNS names for local networks - not on… Walter H.
- Re: [DNSOP] DNS names for local networks - not on… Walter H.
- Re: [DNSOP] DNS names for local networks - not on… Walter H.
- Re: [DNSOP] DNSSEC in local networks Mark Andrews
- Re: [DNSOP] DNSSEC in local networks Walter H.
- Re: [DNSOP] DNS names for local networks - not on… Stephane Bortzmeyer
- Re: [DNSOP] DNS names for local networks - not on… Matthew Pounsett
- Re: [DNSOP] DNS names for local networks - not on… Andrew Sullivan
- Re: [DNSOP] DNS names for local networks - not on… Paul Vixie
- Re: [DNSOP] DNS names for local networks - not on… Andrew Sullivan
- Re: [DNSOP] DNS names for local networks - not on… Tony Finch
- Re: [DNSOP] DNSSEC in local networks Warren Kumari
- [DNSOP] Fwd: DNSSEC in local networks william manning