Re: [DNSOP] [homenet] Fwd: WGLC on "redact" and "homenet-dot"

David Conrad <drc@virtualized.org> Sat, 17 December 2016 19:25 UTC

To: Ted Lemon <mellon@fugue.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/PXquSLfY9AgP2-L0-kYIvuahhg4>
Cc: "dnsop@ietf.org WG" <dnsop@ietf.org>

I presume NSEC Aggressive Use will significantly reduce the amount of crap hitting the root servers.

Given how much capacity the root servers already have to provision to deal with that crap, I don't think a massive increase in legitimate (NSEC Aggressive Use-implementing) resolvers will move the needle significantly.

Regards,
-drc

> On Dec 15, 2016, at 1:00 PM, Ted Lemon <mellon@fugue.com> wrote:
> 
> Billions and billions of them? How often do they query the root, do you think, compared to a stub resolver that did recursion itself?
> 
> On Thu, Dec 15, 2016 at 3:57 PM, John R Levine <johnl@taugh.com> wrote:
> Putting an iterative resolver in a stub resolver is an attack on the DNS infrastructure.
> 
> Ted might want to alert all of the BSD and Linux distros that default to running a copy of bind or unbound answering queries on 127.0.0.1.
> 
> Regards,
> John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
> Please consider the environment before reading this e-mail. https://jl.ly

Regards,
-drc
(speaking only for myself)