Re: [dnsext] we need help to make names the same, was draft-yao-dnsext-identical-resolution-02 comment
Phillip Hallam-Baker <hallam@gmail.com> Thu, 24 February 2011 13:44 UTC
Return-Path: <dnsext-bounces@ietf.org>
X-Original-To: namedroppers-archive-gleetwall6@lists.ietf.org
Delivered-To: ietfarch-namedroppers-archive-gleetwall6@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 033753A6B23; Thu, 24 Feb 2011 05:44:11 -0800 (PST)
X-Original-To: dnsext@core3.amsl.com
Delivered-To: dnsext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A39033A6B23 for <dnsext@core3.amsl.com>; Thu, 24 Feb 2011 05:44:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.566
X-Spam-Level:
X-Spam-Status: No, score=-3.566 tagged_above=-999 required=5 tests=[AWL=0.032, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tz0vo5en5ZfM for <dnsext@core3.amsl.com>; Thu, 24 Feb 2011 05:44:08 -0800 (PST)
Received: from mail-bw0-f44.google.com (mail-bw0-f44.google.com [209.85.214.44]) by core3.amsl.com (Postfix) with ESMTP id D13023A6806 for <dnsext@ietf.org>; Thu, 24 Feb 2011 05:44:07 -0800 (PST)
Received: by bwz13 with SMTP id 13so1240630bwz.31 for <dnsext@ietf.org>; Thu, 24 Feb 2011 05:44:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=n7YJY4TBvoYVv+pf11t3adwD8/KReq3ni3AzZgj5Ni8=; b=LZ0c2o0CTATsRfW+eZdDEvpVyKwcCeB6tqgkA/IWF8qHiFO778TUU0L5n1c9fqF9nR EzX0KcmgTxMtghc+WiReioTbxBaK7aZy2L9twOkxvZIZMdXdptlaTUbh8k3K6z88omLj 3x4dU2uINTRfK66yqDyIFq4A+l5GlINH0nwro=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=rLo87T6L27CpjcPIf1hhKysq6HDNdPVVVeTq1atGTVN6Wjd7Peod6GkO5uDc5HqCT5 aFCpt2F4Sx7eeKDE8bSCWKSpwvWC/ZV95H0AXbaRAdz89kQywfdmantpWfkh8FQr3/eJ iGTW9QfLXFsKuBwKpURCY/zJMT68sKTtquAPI=
MIME-Version: 1.0
Received: by 10.204.7.213 with SMTP id e21mr778755bke.47.1298555094667; Thu, 24 Feb 2011 05:44:54 -0800 (PST)
Received: by 10.204.14.139 with HTTP; Thu, 24 Feb 2011 05:44:54 -0800 (PST)
In-Reply-To: <8657EF4A-A08D-46E5-8917-553AE377CAD8@ICSI.Berkeley.EDU>
References: <20110216165921.GW96213@shinkuro.com> <3B90ED2E-980D-4B01-889F-447D66D0B58D@insensate.co.uk> <20110216174011.GZ96213@shinkuro.com> <20110218143653.GC84482@bikeshed.isc.org> <20110218151209.GF66684@shinkuro.com> <4D5EEE09.4080405@dougbarton.us> <20110218222950.GL74065@shinkuro.com> <4D5F270F.20401@abenaki.wabanaki.net> <199C7B2B4228461FB024E59A990DB46D@ics.forth.gr> <4D641DB6.4090705@necom830.hpcl.titech.ac.jp> <20110222205617.GS53815@shinkuro.com> <4D64489B.7020901@necom830.hpcl.titech.ac.jp> <713D992A-1DB9-4F72-9D18-8E923AD51D8D@icsi.berkeley.edu> <AANLkTikf2ixw7JkxQiRBobv-seYnaYS0E3G8TboosnA=@mail.gmail.com> <alpine.LSU.2.00.1102231029260.27602@hermes-1.csi.cam.ac.uk> <AANLkTin6-mXBeKC_TzgvWUaCyxKfeZxTK1BQvXtpwuCN@mail.gmail.com> <4CC95816-8225-4CAE-897F-3F13F965BCEE@ICSI.Berkeley.EDU> <alpine.LSU.2.00.1102240953550.5244@hermes-1.csi.cam.ac.uk> <AANLkTiniVDDZXFOV4WryNN=+hK29rBO8_HTAqw7bK=Nf@mail.gmail.com> <AANLkTikZYBYyRKkZzMCuCJbVpqLx-2BBYW3TSMQ8ZL81@mail.gmail.com> <8657EF4A-A08D-46E5-8917-553AE377CAD8@ICSI.Berkeley.EDU>
Date: Thu, 24 Feb 2011 08:44:54 -0500
Message-ID: <AANLkTikHm62x=+xWpSRyERw2cB31yZZhVkTT-90dgFjk@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Nicholas Weaver <nweaver@icsi.berkeley.edu>
Cc: dnsext@ietf.org
Subject: Re: [dnsext] we need help to make names the same, was draft-yao-dnsext-identical-resolution-02 comment
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0062134713=="
Sender: dnsext-bounces@ietf.org
Errors-To: dnsext-bounces@ietf.org
So you are saying that it is TOO LATE to make a change that would have major impact on the practice of domain management? It really has to be one or the other. Either it is too late to make major change or its all on the table. Or alternatively, the proposed use case may not justify a major change. On Thu, Feb 24, 2011 at 8:37 AM, Nicholas Weaver <nweaver@icsi.berkeley.edu>wrote: > > On Feb 24, 2011, at 5:17 AM, Phillip Hallam-Baker wrote: > > > > > > > On Thu, Feb 24, 2011 at 7:52 AM, Tony Finch <dot@dotat.at> wrote: > > On Thu, 24 Feb 2011, Phillip Hallam-Baker wrote: > > > > > > Why would I need a time machine? You still don't have anyone actually > using > > > DNSSEC for production? > > > > Speak for yourself. We're using it in cam.ac.uk and so are our friends > at > > ic.ac.uk. Large amounts of cz is signed. > > > > Generating signatures is one thing. > > > > You don't have a deployment until you have people verifying the > signatures and the results affect their behavior. > > All Comcast customers who've opted out of the NXDOMAIN wildcarding are > behind resolvers that validate DNSSEC. > > > nweaver% dig www.dnssec-failed.org > > ; <<>> DiG 9.6.0-APPLE-P2 <<>> www.dnssec-failed.org > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 36205 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;www.dnssec-failed.org. IN A > > ;; Query time: 47 msec > ;; SERVER: 192.168.1.1#53(192.168.1.1) > ;; WHEN: Thu Feb 24 05:35:42 2011 > ;; MSG SIZE rcvd: 39 > > > nweaver% dig +cd www.dnssec-failed.org > > ; <<>> DiG 9.6.0-APPLE-P2 <<>> +cd www.dnssec-failed.org > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1844 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;www.dnssec-failed.org. IN A > > ;; ANSWER SECTION: > www.dnssec-failed.org. 7200 IN A 68.87.64.48 > > ;; Query time: 15 msec > ;; SERVER: 192.168.1.1#53(192.168.1.1) > ;; WHEN: Thu Feb 24 05:35:48 2011 > ;; MSG SIZE rcvd: 55 > > -- Website: http://hallambaker.com/
_______________________________________________ dnsext mailing list dnsext@ietf.org https://www.ietf.org/mailman/listinfo/dnsext
- Re: [dnsext] DNSEXT progress and possible meeting… Vaggelis Segredakis
- Re: [dnsext] DNSEXT progress and possible meeting… Suzanne Woolf
- [dnsext] DNSEXT progress and possible meeting at … Olafur Gudmundsson
- [dnsext] draft-yao-dnsext-identical-resolution-02… Vaggelis Segredakis
- Re: [dnsext] draft-yao-dnsext-identical-resolutio… Suzanne Woolf
- Re: [dnsext] draft-yao-dnsext-identical-resolutio… Vaggelis Segredakis
- Re: [dnsext] draft-yao-dnsext-identical-resolutio… Andrew Sullivan
- Re: [dnsext] draft-yao-dnsext-identical-resolutio… Suzanne Woolf
- Re: [dnsext] draft-yao-dnsext-identical-resolutio… Andrew Sullivan
- Re: [dnsext] draft-yao-dnsext-identical-resolutio… Masataka Ohta
- Re: [dnsext] we need help to make names the same,… John Levine
- Re: [dnsext] we need help to make names the same,… Jay Ashworth
- Re: [dnsext] we need help to make names the same,… Masataka Ohta
- Re: [dnsext] we need help to make names the same,… John Levine
- Re: [dnsext] we need help to make names the same,… Alex Bligh
- Re: [dnsext] we need help to make names the same,… John R. Levine
- Re: [dnsext] we need help to make names the same,… Masataka Ohta
- Re: [dnsext] we need help to make names the same,… Alex Bligh
- Re: [dnsext] we need help to make names the same,… Tony Finch
- Re: [dnsext] we need help to make names the same,… Masataka Ohta
- Re: [dnsext] we need help to make names the same,… Masataka Ohta
- Re: [dnsext] we need help to make names the same,… Vaggelis Segredakis
- Re: [dnsext] we need help to make names the same,… Andrew Sullivan
- Re: [dnsext] we need help to make names the same,… Andrew Sullivan
- Re: [dnsext] we need help to make names the same,… Lawrence Conroy
- Re: [dnsext] we need help to make names the same,… Alex Bligh
- Re: [dnsext] we need help to make names the same,… Nicholas Weaver
- Re: [dnsext] we need help to make names the same,… Andrew Sullivan
- Re: [dnsext] we need help to make names the same,… John R. Levine
- Re: [dnsext] we need help to make names the same,… John R. Levine
- Re: [dnsext] we need help to make names the same,… Masataka Ohta
- Re: [dnsext] we need help to make names the same,… Mark Andrews
- Re: [dnsext] we need help to make names the same,… Mark Andrews
- Re: [dnsext] we need help to make names the same,… Mark Andrews
- Re: [dnsext] we need help to make names the same,… Doug Barton
- Re: [dnsext] we need help to make names the same,… John Levine
- Re: [dnsext] we need help to make names the same,… Mark Andrews
- Re: [dnsext] we need help to make names the same,… Vaggelis Segredakis
- Re: [dnsext] we need help to make names the same,… Vaggelis Segredakis
- Re: [dnsext] we need help to make names the same,… Vaggelis Segredakis
- Re: [dnsext] we need help to make names the same,… Vaggelis Segredakis
- Re: [dnsext] we need help to make names the same,… Tony Finch
- Re: [dnsext] we need help to make names the same,… Masataka Ohta
- Re: [dnsext] we need help to make names the same,… Niall O'Reilly
- Re: [dnsext] we need help to make names the same,… Danny Mayer
- Re: [dnsext] we need help to make names the same,… Vaggelis Segredakis
- Re: [dnsext] we need help to make names the same,… Vaggelis Segredakis
- Re: [dnsext] we need help to make names the same,… Jay Ashworth
- Re: [dnsext] we need help to make names the same,… Jay Ashworth
- Re: [dnsext] we need help to make names the same,… Andrew Sullivan
- Re: [dnsext] we need help to make names the same,… Mark Andrews
- Re: [dnsext] we need help to make names the same,… Danny Mayer
- Re: [dnsext] we need help to make names the same,… Mark Andrews
- Re: [dnsext] we need help to make names the same,… Danny Mayer
- Re: [dnsext] we need help to make names the same,… Mark Andrews
- Re: [dnsext] we need help to make names the same,… Brian Dickson
- [dnsext] SRV and wildcard CNAME Masataka Ohta
- Re: [dnsext] we need help to make names the same,… Patrik Fältström
- Re: [dnsext] we need help to make names the same,… John R. Levine
- Re: [dnsext] we need help to make names the same,… Masataka Ohta
- Re: [dnsext] we need help to make names the same,… Patrik Fältström
- Re: [dnsext] we need help to make names the same,… Masataka Ohta
- Re: [dnsext] we need help to make names the same,… Danny Mayer
- Re: [dnsext] we need help to make names the same,… Suzanne Woolf
- Re: [dnsext] we need help to make names the same,… Andrew Sullivan
- Re: [dnsext] we need help to make names the same,… Paul Vixie
- Re: [dnsext] we need help to make names the same,… Doug Barton
- Re: [dnsext] we need help to make names the same,… Andrew Sullivan
- Re: [dnsext] we need help to make names the same,… Doug Barton
- Re: [dnsext] we need help to make names the same,… Mark Andrews
- Re: [dnsext] we need help to make names the same,… Andrew Sullivan
- Re: [dnsext] we need help to make names the same,… Doug Barton
- Re: [dnsext] we need help to make names the same,… Eric Brunner-Williams
- Re: [dnsext] SRV and wildcard CNAME Phillip Hallam-Baker
- Re: [dnsext] we need help to make names the same,… Jay Ashworth
- Re: [dnsext] we need help to make names the same,… Phillip Hallam-Baker
- Re: [dnsext] we need help to make names the same,… Tony Finch
- Re: [dnsext] SRV and wildcard CNAME Masataka Ohta
- Re: [dnsext] SRV and wildcard CNAME Mark Andrews
- Re: [dnsext] SRV and wildcard CNAME Masataka Ohta
- Re: [dnsext] SRV and wildcard CNAME Mark Andrews
- Re: [dnsext] SRV and wildcard CNAME Masataka Ohta
- Re: [dnsext] SRV and wildcard CNAME Larry Brower
- Re: [dnsext] SRV and wildcard CNAME Masataka Ohta
- Re: [dnsext] SRV and wildcard CNAME Phillip Hallam-Baker
- Re: [dnsext] SRV and wildcard CNAME Mark Andrews
- Re: [dnsext] SRV and wildcard CNAME Masataka Ohta
- Re: [dnsext] SRV and wildcard CNAME Masataka Ohta
- Re: [dnsext] SRV and wildcard CNAME Phillip Hallam-Baker
- Re: [dnsext] slave signing, was does making names… Phillip Hallam-Baker
- Re: [dnsext] we need help to make names the same,… Vaggelis Segredakis
- Re: [dnsext] we need help to make names the same,… Phillip Hallam-Baker
- Re: [dnsext] we need help to make names the same,… Eric Brunner-Williams
- Re: [dnsext] we need help to make names the same,… Masataka Ohta
- Re: [dnsext] we need help to make names the same,… Andrew Sullivan
- Re: [dnsext] we need help to make names the same,… Masataka Ohta
- [dnsext] bi-directionality Masataka Ohta
- Re: [dnsext] we need help to make names the same,… Nicholas Weaver
- Re: [dnsext] we need help to make names the same,… Masataka Ohta
- Re: [dnsext] we need help to make names the same,… Nicholas Weaver
- Re: [dnsext] we need help to make names the same,… Phillip Hallam-Baker
- Re: [dnsext] we need help to make names the same,… Masataka Ohta
- Re: [dnsext] we need help to make names the same,… Tony Finch
- Re: [dnsext] we need help to make names the same,… Tony Finch
- Re: [dnsext] we need help to make names the same,… Tony Finch
- Re: [dnsext] we need help to make names the same,… Nicholas Weaver
- Re: [dnsext] we need help to make names the same,… Eric Brunner-Williams
- Re: [dnsext] we need help to make names the same,… Phillip Hallam-Baker
- Re: [dnsext] we need help to make names the same,… Nicholas Weaver
- Re: [dnsext] we need help to make names the same,… Donald Eastlake
- Re: [dnsext] we need help to make names the same,… Masataka Ohta
- Re: [dnsext] we need help to make names the same,… Tony Finch
- Re: [dnsext] we need help to make names the same,… Phillip Hallam-Baker
- Re: [dnsext] we need help to make names the same,… Tony Finch
- Re: [dnsext] we need help to make names the same,… Phillip Hallam-Baker
- Re: [dnsext] we need help to make names the same,… Phillip Hallam-Baker
- Re: [dnsext] we need help to make names the same,… Tony Finch
- Re: [dnsext] we need help to make names the same,… Nicholas Weaver
- Re: [dnsext] we need help to make names the same,… Phillip Hallam-Baker
- Re: [dnsext] we need help to make names the same,… Nicholas Weaver
- Re: [dnsext] we need help to make names the same,… Eric Brunner-Williams
- Re: [dnsext] we need help to make names the same,… Alex Nicoll
- Re: [dnsext] we need help to make names the same,… Tony Finch
- [dnsext] does making names the same NEED protocol… Nicholas Weaver
- Re: [dnsext] does making names the same NEED prot… Phillip Hallam-Baker
- Re: [dnsext] does making names the same NEED prot… Nicholas Weaver
- Re: [dnsext] does making names the same NEED prot… Alex Bligh
- Re: [dnsext] does making names the same NEED prot… Suzanne Woolf
- Re: [dnsext] does making names the same NEED prot… Andrew Sullivan
- Re: [dnsext] does making names the same NEED prot… Phillip Hallam-Baker
- Re: [dnsext] does making names the same NEED prot… Tony Finch
- Re: [dnsext] does making names the same NEED prot… Alex Bligh
- Re: [dnsext] slave signing, was does making names… John Levine
- Re: [dnsext] does making names the same NEED prot… Phillip Hallam-Baker
- Re: [dnsext] does making names the same NEED prot… Andrew Sullivan
- Re: [dnsext] does making names the same NEED prot… Phillip Hallam-Baker
- Re: [dnsext] does making names the same NEED prot… Tony Finch
- Re: [dnsext] does making names the same NEED prot… Michael Graff
- Re: [dnsext] does making names the same NEED prot… Nicholas Weaver
- Re: [dnsext] does making names the same NEED prot… Andrew Sullivan
- Re: [dnsext] does making names the same NEED prot… Nicholas Weaver
- Re: [dnsext] does making names the same NEED prot… Brian Dickson
- Re: [dnsext] does making names the same NEED prot… Andrew Sullivan
- Re: [dnsext] does making names the same NEED prot… Ted Hardie
- Re: [dnsext] slave signing, was does making names… John Levine
- Re: [dnsext] slave signing, was does making names… Phillip Hallam-Baker
- Re: [dnsext] the same in old days, was making nam… John Levine
- Re: [dnsext] slave signing, was does making names… John Levine
- Re: [dnsext] the same in old days, was making nam… Alex Bligh
- Re: [dnsext] the same in old days, was making nam… John R. Levine
- Re: [dnsext] the same in old days, was making nam… Alex Bligh
- Re: [dnsext] the same in old days, was making nam… John R. Levine
- Re: [dnsext] the same in old days, was making nam… Phillip Hallam-Baker
- Re: [dnsext] the same in old days, was making nam… Ted Hardie
- Re: [dnsext] the same in old days, was making nam… Eric Brunner-Williams
- Re: [dnsext] the same in old days, was making nam… Ted Hardie
- Re: [dnsext] the same in old days, was making nam… Eric Brunner-Williams
- [dnsext] Terminological precision (was: the same … Andrew Sullivan
- Re: [dnsext] the same in old days, was making nam… Ted Hardie
- Re: [dnsext] does making names the same NEED prot… Olafur Gudmundsson
- Re: [dnsext] the same in old days, was making nam… Doug Barton