IETF Logo Mail Archive

Re: OpenDNS today announced it has adopted DNSCurve to secure DNS

David Conrad <drc@virtualized.org> Wed, 24 February 2010 20:36 UTC

Return-Path: <drc@virtualized.org>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 823FC3A8103 for <ietf@core3.amsl.com>; Wed, 24 Feb 2010 12:36:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.059
X-Spam-Level:
X-Spam-Status: No, score=-6.059 tagged_above=-999 required=5 tests=[AWL=0.541, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id emihpsHWXfQV for <ietf@core3.amsl.com>; Wed, 24 Feb 2010 12:36:28 -0800 (PST)
Received: from virtualized.org (trantor.virtualized.org [204.152.189.190]) by core3.amsl.com (Postfix) with ESMTP id 952683A832F for <ietf@ietf.org>; Wed, 24 Feb 2010 12:36:28 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by virtualized.org (Postfix) with ESMTP id 95BF8ACC207; Wed, 24 Feb 2010 12:38:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at virtualized.org
Received: from virtualized.org ([127.0.0.1]) by localhost (trantor.virtualized.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vq22lDuJG0AP; Wed, 24 Feb 2010 12:38:34 -0800 (PST)
Received: from [10.96.18.220] (wlan39-032.mdr.icann.org [192.0.39.32]) by virtualized.org (Postfix) with ESMTP id E6333ACC1F5; Wed, 24 Feb 2010 12:38:33 -0800 (PST)
Subject: Re: OpenDNS today announced it has adopted DNSCurve to secure DNS
Mime-Version: 1.0 (Apple Message framework v1077)
Content-Type: text/plain; charset="us-ascii"
From: David Conrad <drc@virtualized.org>
In-Reply-To: <alpine.LSU.2.00.1002242020540.16971@hermes-2.csi.cam.ac.uk>
Date: Wed, 24 Feb 2010 12:38:03 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <CA55FD26-C65F-4B60-8D04-EB37528678B6@virtualized.org>
References: <874c02a21002231826y613b9f97ya83740ba240f7bf9@mail.gmail.com> <ABE739C5ADAC9A41ACCC72DF366B719D02C29D87@GLKMS2100.GREENLNK.NET> <a123a5d61002240700i4a68367tf901b91265f79da1@mail.gmail.com> <alpine.LSU.2.00.1002241754550.16971@hermes-2.csi.cam.ac.uk> <a123a5d61002241215r4710e63cn2e0594aefc1ce835@mail.gmail.com> <alpine.LSU.2.00.1002242020540.16971@hermes-2.csi.cam.ac.uk>
To: Tony Finch <dot@DOTAT.AT>
X-Mailer: Apple Mail (2.1077)
Cc: Phillip Hallam-Baker <hallam@gmail.com>, IETF-Discussion list <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Feb 2010 20:36:29 -0000

On Feb 24, 2010, at 12:23 PM, Tony Finch wrote:
> On Wed, 24 Feb 2010, Phillip Hallam-Baker wrote:
>> 
>> And I have been asking ICANN for months how I get a key for my
>> DNS zones into the system and have never got a reply.
> 
> You should be asking your registrar and/or registry. In the mean time you
> can put it in the DLV.

Yeah, meant to respond to Phillip earlier, but got sidetracked.  To be clear, ICANN only deals with TLDs so many of the concerns I believe Phillip has regarding ensuring the child/parent transfer of keying material are much easier to deal with. The current TLD process is defined at https://itar.iana.org/.

>> Al that has been written or deployed so far is publication
>> infrastructure. Nobody can deploy or test standards based validation
>> infrastructure until the root is signed and a lot more happens besides.
> 
> DLV has solved that problem.

Well, DLV has addressed some problems and created others -- there is the Law of Conservation of Pain you know.

Regards,
-drc

v2.23.0 | Report a Bug | By Email