Re: [dnsext] perhaps we should reintroduce "resimprove"

Stephane Bortzmeyer <bortzmeyer@nic.fr> Fri, 10 February 2012 08:51 UTC

On Thu, Feb 09, 2012 at 03:09:26PM +0000,
 paul vixie <vixie@isc.org> wrote 
 a message of 34 lines which said:

> remove (B) and section 3, 

Why? It seems fine to me (even if He-Who-Must-Not-Be-Named disagrees).

> progress it not as an improvement but as a security and resiliency
> requirement (so, a proposed standard) in the face of the "ghost domain"
> problem.

It seems to me that this draft does not currently address the ghost
domain problem. It mandates revalidation at the parent when the
records expire, but it does not say anything about the rules that
allow an authoritative server to overwrite the old TTL with a new
value, thus preventing expiration.

Would it be a better idea to use this draft as a starting point to
work on the issues proposed by the ghost domains paper? (Replacing >=
by > in the credibility rules and other measures.)
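
An added illustration, not part of the original message or of the draft under discussion: a toy resolver cache comparing the two overwrite rules mentioned above, where an NS set of equal credibility may replace the cached one and its TTL (`>=`) versus only a strictly more credible one (`>`). The rank scale, TTL, timings and the name `ns1.ghost.example.` are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class CachedNS:
    targets: tuple   # NS target names
    rank: int        # credibility of the source (constructed scale)
    expires: int     # absolute expiry time, in seconds

def accept(cached: Optional[CachedNS], now: int, rank: int, strict: bool) -> bool:
    """Decide whether an incoming NS RRset may replace the cached one."""
    if cached is None or now >= cached.expires:
        return True                      # nothing live in cache: always store
    return rank > cached.rank if strict else rank >= cached.rank

def simulate(strict: bool, horizon: int = 30000) -> dict:
    """The parent drops the delegation at t=0; the old child server keeps
    returning the NS set with a fresh TTL every 3000 s."""
    TTL, CHILD_RANK = 3600, 2            # constructed values
    cache = CachedNS(("ns1.ghost.example.",), CHILD_RANK, TTL)
    overwrites, revalidated_at = 0, None
    for now in range(0, horizon + 1, 600):
        if cache is not None and now >= cache.expires:
            # Expiry forces revalidation at the parent, which no longer
            # delegates the zone, so the entry is dropped for good.
            cache, revalidated_at = None, now
        if cache is None:
            continue
        if now > 0 and now % 3000 == 0 and accept(cache, now, CHILD_RANK, strict):
            # Equal-rank data overwrites the entry and restarts its TTL.
            cache = CachedNS(cache.targets, CHILD_RANK, now + TTL)
            overwrites += 1
    return {"still_cached": cache is not None,
            "overwrites": overwrites,
            "revalidated_at": revalidated_at}

if __name__ == "__main__":
    print(">= rule:", simulate(strict=False))
    print(">  rule:", simulate(strict=True))
```

With `>=` the entry never reaches expiry, so revalidation at the parent is never triggered; with `>` the entry expires on its original TTL and the parent is consulted.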