Re: [DNSOP] Localhost - more reliable options?

Ted Lemon <mellon@fugue.com> Fri, 18 August 2017 02:20 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/_SZxe0388KuUG-1G_JR33TFVaPU>

On 17 Aug 2017, at 21:54, Brian Dickson <brian.peter.dickson@gmail.com> wrote:
> If you're trying to use "localhost", that means you're using some kind of name resolution, whether it be DNS, /etc/hosts, NIS+, or anything else.
> I'm suggesting that by using DNS, you can take advantage of what DNS has to offer, which includes potentially DNSSEC.

DNSSEC can't work, or even be used, if you are spoofing localhost. If you used DNSSEC, the answer would fail validation.