Re: [DNSOP] Review of draft-livingood-dns-redirect-00

Stephane Bortzmeyer <bortzmeyer@nic.fr> Thu, 16 July 2009 07:21 UTC

On Mon, Jul 13, 2009 at 01:59:46PM +0200,
 Roy Arends <roy@dnss.ec> wrote 
 a message of 33 lines which said:

> SSAC's Report on DNS Response Modification
> http://www.icann.org/en/committees/security/sac032.pdf

Indeed. Good document. There is no need to discuss
draft-livingood-dns-lie, all the issues raised here in this WG were
already in the SSAC document one year ago.

I regret one thing with SSAC 032: they mix wildcards in the zone and
lying resolvers. True, they have similarities but also differences
(for instance, wildcards in a zone follow the DNS protocol, and
therefore are compatible with DNSSEC) and I'm a bit tired of Slashdot
discussions starting with "Comcast == Sitefinder".

> IAB Commentary Architectural Concerns on the use of DNS Wildcards
> http://www.iab.org/documents/docs/2003-09-20-dns-wildcards.html

Irrelevant since it talks only about wildcards in the zone.