RE: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS today announced ithas adopted DNSCurve to secure DNS)
"Hollenbeck, Scott" <shollenbeck@verisign.com> Thu, 25 February 2010 18:37 UTC
Return-Path: <shollenbeck@verisign.com>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4C7E43A871E for <ietf@core3.amsl.com>; Thu, 25 Feb 2010 10:37:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.511
X-Spam-Level:
X-Spam-Status: No, score=-5.511 tagged_above=-999 required=5 tests=[AWL=1.088, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zFeiBhGtVpxV for <ietf@core3.amsl.com>; Thu, 25 Feb 2010 10:37:18 -0800 (PST)
Received: from peregrine.verisign.com (peregrine.verisign.com [216.168.239.74]) by core3.amsl.com (Postfix) with ESMTP id 4BCB73A871B for <ietf@ietf.org>; Thu, 25 Feb 2010 10:37:18 -0800 (PST)
Received: from dul1wnexcn03.vcorp.ad.vrsn.com (dul1wnexcn03.vcorp.ad.vrsn.com [10.170.12.113]) by peregrine.verisign.com (8.13.6/8.13.4) with ESMTP id o1PIXUHa021939; Thu, 25 Feb 2010 13:33:30 -0500
Received: from dul1wnexmb01.vcorp.ad.vrsn.com ([10.170.12.134]) by dul1wnexcn03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 25 Feb 2010 13:39:19 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS today announced ithas adopted DNSCurve to secure DNS)
Date: Thu, 25 Feb 2010 13:39:16 -0500
Message-ID: <046F43A8D79C794FA4733814869CDF07031D051C@dul1wnexmb01.vcorp.ad.vrsn.com>
In-Reply-To: <C5619D88-DA9C-4DB5-A5BB-B1719DB55173@hopcount.ca>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS today announced ithas adopted DNSCurve to secure DNS)
Thread-Index: Acq2RUezROuWl03LQ4ej+oD+3AVf7AAA+r0A
References: <874c02a21002231826y613b9f97ya83740ba240f7bf9@mail.gmail.com><ABE739C5ADAC9A41ACCC72DF366B719D02C29D87@GLKMS2100.GREENLNK.NET><a123a5d61002240700i4a68367tf901b91265f79da1@mail.gmail.com><1267039830.9710.11106.camel@shane-asus-laptop><alpine.LSU.2.00.1002242049510.16971@hermes-2.csi.cam.ac.uk> <C5619D88-DA9C-4DB5-A5BB-B1719DB55173@hopcount.ca>
From: "Hollenbeck, Scott" <shollenbeck@verisign.com>
To: Joe Abley <jabley@hopcount.ca>
X-OriginalArrivalTime: 25 Feb 2010 18:39:19.0283 (UTC) FILETIME=[D7339430:01CAB649]
Cc: IETF Discussion <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Feb 2010 18:37:19 -0000
> -----Original Message----- > From: ietf-bounces@ietf.org [mailto:ietf-bounces@ietf.org] On > Behalf Of Joe Abley > Sent: Thursday, February 25, 2010 1:06 PM > To: Tony Finch > Cc: Phillip Hallam-Baker; IETF Discussion > Subject: Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS today > announced ithas adopted DNSCurve to secure DNS) > > > On 2010-02-24, at 15:50, Tony Finch wrote: > > > On Wed, 24 Feb 2010, Shane Kerr wrote: > >> > >> DNSSEC declares out of scope: > >> * the channel where DS records get added to the parent > > > > Is that actually out of scope or just not specified yet? > > The whole channel from end-user (registrant) to registry > cannot usefully be specified in any general way because there > is no consistent way of interacting with a registrar (in the > name of open competition) and no consistent > registry-registrar-registrant structure across all TLDs (for > reasons that surely would require more than one parenthetical > phrase to describe adequately). > > The component that concerns communication between a registry > and a registrar does have one solution that has been > standardised in the IETF, however, which is being implemented > at some TLDs, I hear. > > http://www.ietf.org/rfc/rfc4310.txt Implementation experience has uncovered some deficiencies in 4310. A proposal to address the deficiences is being developed as an individual submission: http://www.ietf.org/id/draft-gould-rfc4310bis-05.txt Scott
- OpenDNS today announced it has adopted DNSCurve t… Joe Baptista
- RE: OpenDNS today announced it has adopted DNSCur… Dearlove, Christopher (UK)
- Re: OpenDNS today announced it has adopted DNSCur… Joe Baptista
- Re: OpenDNS today announced it has adopted DNSCur… tytso
- Re: OpenDNS today announced it has adopted DNSCur… Dave CROCKER
- Re: OpenDNS today announced it has adopted DNSCur… Martin Rex
- Re: OpenDNS today announced it has adopted DNSCur… Phillip Hallam-Baker
- Re: OpenDNS today announced it has adopted DNSCur… Wes Hardaker
- Re: OpenDNS today announced it has adopted DNSCur… Phillip Hallam-Baker
- Re: OpenDNS today announced it has adopted DNSCur… Tony Finch
- Re: OpenDNS today announced it has adopted DNSCur… Paul Wouters
- Re: OpenDNS today announced it has adopted DNSCur… Paul Hoffman
- Re: OpenDNS today announced it has adopted DNSCur… Paul Hoffman
- Re: OpenDNS today announced it has adopted DNSCur… Steven M. Bellovin
- DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS today a… Shane Kerr
- Re: OpenDNS today announced it has adopted DNSCur… Tony Finch
- Re: OpenDNS today announced it has adopted DNSCur… David Conrad
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Tony Finch
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Paul Wouters
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Paul Hoffman
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Tony Finch
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Marc Petit-Huguenin
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Paul Hoffman
- Re: OpenDNS today announced it has adopted DNSCur… Andrew Sullivan
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Masataka Ohta
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Mark Andrews
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Masataka Ohta
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Nikos Mavrogiannopoulos
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Masataka Ohta
- Re: OpenDNS today announced it has adopted DNSCur… Joe Baptista
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Nikos Mavrogiannopoulos
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Basil Dolmatov
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Masataka Ohta
- Re: OpenDNS today announced it has adopted DNSCur… Tony Finch
- Re: DNSCurve vs. DNSSEC - FIGHT! Florian Weimer
- Re: OpenDNS today announced it has adopted DNSCur… Martin Rex
- Re: OpenDNS today announced it has adopted DNSCur… Paul Wouters
- Re: OpenDNS today announced it has adopted DNSCur… Phillip Hallam-Baker
- Re: OpenDNS today announced it has adopted DNSCur… Phillip Hallam-Baker
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Phillip Hallam-Baker
- Re: OpenDNS today announced it has adopted DNSCur… Phillip Hallam-Baker
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Phillip Hallam-Baker
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Paul Wouters
- Re: OpenDNS today announced it has adopted DNSCur… David Conrad
- Re: OpenDNS today announced it has adopted DNSCur… Paul Wouters
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Tony Finch
- Re: OpenDNS today announced it has adopted DNSCur… Paul Wouters
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Paul Wouters
- Re: OpenDNS today announced it has adopted DNSCur… David Conrad
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Joe Abley
- RE: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Hollenbeck, Scott
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Shumon Huque
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Masataka Ohta
- Re: DNSCurve vs. DNSSEC - FIGHT! Masataka Ohta
- Re: DNSCurve vs. DNSSEC - FIGHT! Florian Weimer
- Re: DNSCurve vs. DNSSEC - FIGHT! Masataka Ohta
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Masataka Ohta
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Phillip Hallam-Baker
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Phillip Hallam-Baker
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Phillip Hallam-Baker
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Joe Baptista
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… David Conrad
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Tony Finch
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Paul Wouters
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Masataka Ohta
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Wassim Haddad
- PKIgate Masataka Ohta
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Masataka Ohta
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Shumon Huque
- Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS tod… Masataka Ohta