IETF Logo Mail Archive

Re: [DNSOP] [Ext] DNSSEC as a Best Current Practice

Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp> Wed, 23 March 2022 12:22 UTC

Return-Path: <mohta@necom830.hpcl.titech.ac.jp>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 550323A0D9B for <dnsop@ietfa.amsl.com>; Wed, 23 Mar 2022 05:22:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AyAY5sRwODZo for <dnsop@ietfa.amsl.com>; Wed, 23 Mar 2022 05:22:05 -0700 (PDT)
Received: from necom830.hpcl.titech.ac.jp (necom830.hpcl.titech.ac.jp [131.112.32.132]) by ietfa.amsl.com (Postfix) with SMTP id 7A7D43A0DB4 for <dnsop@ietf.org>; Wed, 23 Mar 2022 05:22:04 -0700 (PDT)
Received: (qmail 85719 invoked from network); 23 Mar 2022 12:18:10 -0000
Received: from necom830.hpcl.titech.ac.jp (HELO ?127.0.0.1?) (131.112.32.132) by necom830.hpcl.titech.ac.jp with SMTP; 23 Mar 2022 12:18:10 -0000
Message-ID: <3c49a0f9-7981-ffda-cf12-ebbdd70bae73@necom830.hpcl.titech.ac.jp>
Date: Wed, 23 Mar 2022 21:21:58 +0900
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0
Content-Language: en-US
To: dnsop@ietf.org
References: <163bfd78-c21d-084c-9f6d-9d29b80bcbd1@necom830.hpcl.titech.ac.jp> <7B3A5D3D-2E84-45A7-BE5F-3BAC3650E95C@hopcount.ca> <e722a37a-1476-d90b-b4df-e9d4604bea59@necom830.hpcl.titech.ac.jp> <e8566381-d8e8-b99f-67c3-2e89dc9cb85@nohats.ca> <affe488c-d2c4-05a0-69b4-12c2aa97dbfa@necom830.hpcl.titech.ac.jp> <4CF7E9B2-F47A-406F-873D-3E5D6F73692F@icann.org>
From: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
In-Reply-To: <4CF7E9B2-F47A-406F-873D-3E5D6F73692F@icann.org>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/HNc-XP4_qxiLJH1Blo-5wLrLOJo>
Subject: Re: [DNSOP] [Ext] DNSSEC as a Best Current Practice
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Mar 2022 12:22:09 -0000

Paul Hoffman wrote:

> My reading of this thread is that one person thinks that there is a
> better way to achieve what DNSSEC is designed to achieve, and no one
> else agrees with him. Thus, I'll leave the text in the document alone
> unless I see more support for that lone opinion.
I'm afraid you miss, among others, my point that:

    it just
    indicates that the value of deploying DNSSEC is often considered
    lower than the cost.

    is just wrong.

which has nothing to do with "better way".

						Masataka Ohta

v2.23.0 | Report a Bug | By Email