Re: [DNSOP] Review of draft-livingood-dns-redirect-00

Paul Wouters <paul@xelerance.com> Thu, 16 July 2009 06:16 UTC

Date: Thu, 16 Jul 2009 02:14:43 -0400
From: Paul Wouters <paul@xelerance.com>
To: Mark Andrews <marka@isc.org>

On Thu, 16 Jul 2009, Mark Andrews wrote:

>> How would this work?
>
> With portals that are only available to internal servers you are
> grafting on namespace and you configure your validator to know about
> it and potentially not validate that namespace.
>
> zone "portal.isp.com" {
> 	type forward;
> 	forward only;
> 	forwarders { ISP's recursive servers; };
> };
>
> this is really no different to internal namespace.

The problem is not resolving portal.isp.com. The problem is that
mail.xelerance.com "resolves" to portal.isp.com, but never makes
it because my validating stub resolver has a DNSSEC key loaded
for xelerance.com. A problem that in the future will become worse
when the majority of the domains (and the root) is signed.

Paul
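
The validator decision discussed in this message, as an added example that is not part of the original message or of any DNS software. An HMAC under a constructed per-zone key stands in for RRSIG verification, and the key, the addresses and the function names `enclosing`, `sign` and `validate` are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed stand-in for DNSSEC: an HMAC under a per-zone key plays the role
# of an RRSIG checked against a configured trust anchor. Only the validator's
# decision logic is modelled; real DNSSEC uses public-key signatures.
TRUST_ANCHORS = {"xelerance.com.": b"constructed-zone-key"}
# Namespace the validator is configured not to validate (the grafted-on portal).
UNVALIDATED = {"portal.isp.com."}


def enclosing(name, zones):
    """Return the most specific zone in `zones` that `name` is at or below."""
    labels = name.rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:]) + "."
        if candidate in zones:
            return candidate
    return None


def sign(zone_key, qname, rdata):
    """Constructed signature over the owner name and record data."""
    return hmac.new(zone_key, f"{qname}|{rdata}".encode(), hashlib.sha256).digest()


def validate(qname, rdata, sig):
    """Classify an answer for qname as 'secure', 'insecure' or 'bogus'."""
    exempt = enclosing(qname, UNVALIDATED)
    zone = enclosing(qname, TRUST_ANCHORS)
    # Insecure if no anchor covers the name, or a more specific exemption does.
    if zone is None or (exempt is not None and len(exempt) >= len(zone)):
        return "insecure"
    if sig is not None and hmac.compare_digest(sig, sign(TRUST_ANCHORS[zone], qname, rdata)):
        return "secure"
    return "bogus"  # name is under a trust anchor and the answer does not verify


if __name__ == "__main__":
    key = TRUST_ANCHORS["xelerance.com."]
    cases = [  # constructed sample answers (documentation address ranges)
        ("mail.xelerance.com.", "A 192.0.2.25", sign(key, "mail.xelerance.com.", "A 192.0.2.25")),
        ("mail.xelerance.com.", "CNAME portal.isp.com.", None),  # rewritten answer
        ("portal.isp.com.", "A 198.51.100.80", None),            # direct portal lookup
    ]
    for qname, rdata, sig in cases:
        print(f"{qname:22} {rdata:24} -> {validate(qname, rdata, sig)}")
```

The exemption for `portal.isp.com.` only applies to queries for that name; the rewritten answer is judged under the owner name `mail.xelerance.com.`, which the trust anchor covers.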