Re: DNS Interception
SM <sm@resistor.net> Fri, 17 July 2009 16:07 UTC
Return-Path: <sm@resistor.net>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B6C753A6B7C for <ietf@core3.amsl.com>; Fri, 17 Jul 2009 09:07:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.657
X-Spam-Level:
X-Spam-Status: No, score=-2.657 tagged_above=-999 required=5 tests=[AWL=-0.058, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mRqbydLCGCXI for <ietf@core3.amsl.com>; Fri, 17 Jul 2009 09:07:08 -0700 (PDT)
Received: from ns1.qubic.net (ns1.qubic.net [208.69.177.116]) by core3.amsl.com (Postfix) with ESMTP id F07153A6D06 for <ietf@ietf.org>; Fri, 17 Jul 2009 09:07:07 -0700 (PDT)
Received: from subman.resistor.net ([10.0.0.1]) (authenticated bits=0) by ns1.qubic.net (8.14.4.Beta0/8.14.4.Beta0) with ESMTP id n6HG7UfU028386 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 17 Jul 2009 09:07:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=resistor.net; s=mail; t=1247846859; x=1247933259; bh=seJijVawx6+88lqmXumscwHbeTWXdrTH7ZrF/9RFVjc=; h=Message-Id:Date:To:From:Subject:Cc:In-Reply-To:References: Mime-Version:Content-Type; b=D+ft3LrrQG0seCFXLGHIJA0M9lB2y4jIxU0sjjmAHY1gmw811Mlbsxdrcd7ZPL8jf uQEMdP/7wNAAA0X9w14q+wM/yojVaxyXel2PkvA/rL5LryaGu5YFVJpdspsRowOC02 3mbWfrr02xjP/ps/8ROyHyrhf0TUEwwcTpWfgFNc=
DomainKey-Signature: a=rsa-sha1; s=mail; d=resistor.net; c=simple; q=dns; b=OvkEfNdNvPZ+7y3mBYMwt0ECg3TmrDLs5oQeVMg1Yy78pO1zwR6y1JfSh33F06MZV xJvyZAGsd+PxU//MxRS52RqUXcQL/5KmtjtuldEF1qtSIidpNOUTjSS2cce9p1Oeenu hubQrm0FE44rzqSlZwjkPn3FZuvBwG8aY9mRXwo=
Message-Id: <6.2.5.6.2.20090717082923.02e53110@resistor.net>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Fri, 17 Jul 2009 09:06:40 -0700
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>
From: SM <sm@resistor.net>
Subject: Re: DNS Interception
In-Reply-To: <20090717120149.GA19846@nic.fr>
References: <6.2.5.6.2.20090716015306.0302aa20@elandnews.com> <20090717120149.GA19846@nic.fr>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jul 2009 16:07:08 -0000
Hi Stephane, At 05:01 17-07-2009, Stephane Bortzmeyer wrote: >IETF is a SDO, its task is to develop standards, not to write books >describing all the strange and bad things found in the wild. Agreed. I'd like to clarify that my message was not about securing DNS. Some specifications such as: http://www.ietf.org/internet-drafts/draft-ietf-dkim-ssp-10.txt http://www.rfc-editor.org/rfc/rfc4759.txt mention (DNS) NXDOMAIN. Are the assumptions incorrect, or to say it differently, should specifications avoid using (DNS) NXDOMAIN? Regards, -sm
- DNS Interception SM
- Re: DNS Interception Stephane Bortzmeyer
- Re: DNS Interception SM