Re: [DNSOP] Review of draft-livingood-dns-redirect-00

Mark Andrews <marka@isc.org> Thu, 16 July 2009 04:59 UTC

In message <alpine.LFD.1.10.0907160038250.20118@newtla.xelerance.com>, Paul Wouters writes:
> On Thu, 16 Jul 2009, Mark Andrews wrote:
> 
> >> If I use my own validating stub resolver I can't make it to the portal page.
> >
> > With proper configuration of the validating stub resolver and the
> > recursive servers your validating stub resolver is using you should
> > be able to make it to the portal page.
> >
> > I do agree that it makes it more complicated.
> 
> With DNS redirection? I can see it with http redirection, but with
> my validating resolver, I would only be getting servfails? They
> either modify the data and invalidate the signature, or they strip
> out the DNSSEC and cause my validating to servfail?
>
> How would this work?

With portals that are only available to internal servers you are
grafting on namespace and you configure your validator to know about
it and potentially not validate that namespace.

zone "portal.isp.com" {
	type forward;
	forward only;
	forwarders { ISP's recursive servers; };
};

this is really no different to internal namespace.

> I just wish there was a dhcp option for this. Then we could signal
> a landing page, and we could even signal the browser to wait and
> not try to reload (and destroy) all my tabs into 20 copies of the
> landing page.
> 
> Paul
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org
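
The forward zone from the message combined with the "not validate that namespace" step, as an added example that is not part of the original message or of ISC's documentation. It assumes a current BIND 9 release, where the `validate-except` option exists (it postdates this 2009 message), and the forwarder addresses are constructed placeholders from the 192.0.2.0/24 documentation range.

```conf
// named.conf fragment for a local validating resolver (added example).

options {
	// Validate everything else as usual with the built-in root trust anchor.
	dnssec-validation auto;

	// Skip validation at and below the grafted namespace only.
	// Without this, answers for portal.isp.com that do not chain to the
	// signed public tree are treated as bogus and returned as SERVFAIL,
	// which is the failure described in the quoted question.
	// Keep the exemption as narrow as the grafted name: listing
	// "isp.com" here would turn off validation for the whole public zone.
	validate-except { "portal.isp.com"; };
};

// Send queries for the portal namespace to the ISP's recursive servers,
// which are the only servers that know about it.
zone "portal.isp.com" {
	type forward;
	forward only;	// never fall back to normal iterative resolution
	forwarders { 192.0.2.53; 192.0.2.54; };	// placeholder addresses
};
```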