[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DS and Opt-in - a proposal

To: bert hubert <ahu@ds9a.nl>
Subject: Re: DS and Opt-in - a proposal
From: Greg Hudson <ghudson@mit.edu>
Date: 28 Dec 2001 09:25:26 -0500
Cc: namedroppers@ops.ietf.org
In-reply-to: <20011228075044.B22180@outpost.ds9a.nl>
References: <E16HYtK-000IR8-00@rip.psg.com><20011227101446.284405ec.olaf@ripe.net> <20011228075044.B22180@outpost.ds9a.nl>

On Fri, 2001-12-28 at 01:50, bert hubert wrote:
> I seem to keep hammering this point - have clientside people been involved
> yet? The vast majority of DNS lookups right now are A queries, and most of
> those come from the browser.

In the Unix world, at least, the applications shouldn't have to get
involved, just the recursive resolver (named, traditionally) and to some
extent the stub resolver in libc.  The application may be interested in
knowing whether a DNS record was signed, but even if it doesn't care, a
signed record can't be subverted by DNS spoofing.

I don't know enough about the non-Unix world (which, admittedly, is
where most of the users are) to comment on it.

to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.

Follow-Ups:
- Re: DS and Opt-in - a proposal
  - From: bert hubert <ahu@ds9a.nl>

References:
- DS and Opt-in - a proposal
  - From: Olafur Gudmundsson <ogud@ogud.com>, Randy Bush <randy@psg.com>
- Re: DS and Opt-in - a proposal
  - From: "Olaf M. Kolkman" <olaf@ripe.net>
- Re: DS and Opt-in - a proposal
  - From: bert hubert <ahu@ds9a.nl>

Prev by Date: Re: DS and Opt-in - a proposal
Next by Date: Re: DS and Opt-in - a proposal
Previous by thread: Re: DS and Opt-in - a proposal
Next by thread: Re: DS and Opt-in - a proposal
Index(es):
- Date
- Thread