[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D ACTION:draft-iab-dns-choices-00.txt

To: "Hallam-Baker, Phillip" <pbaker@verisign.com>
Subject: Re: I-D ACTION:draft-iab-dns-choices-00.txt
From: Mark Andrews <Mark_Andrews@isc.org>
Date: Sat, 23 Oct 2004 08:00:19 +1000
Cc: "'bmanning@vacation.karoshi.com'" <bmanning@vacation.karoshi.com>, namedroppers@ops.ietf.org
In-reply-to: Your message of "Fri, 22 Oct 2004 09:15:21 MST." <C6DDA43B91BFDA49AA2F1E473732113E010BECBE@mou1wnexm05.vcorp.ad.vrsn.com>

> > -----Original Message-----
> > From: bmanning@vacation.karoshi.com
> > > 	I'm seeing the same thing w/ the IP6.INT -> IP6.ARPA
> > > 	transition.  It is taking a long time because people left
> > > 	the IP6.INT crutch in place.  We really should not be
> > > 	shipping resolvers that use IP6.INT.  Stop making the old
> > > 	lookups and the new records will appear.
> > > 
> > > Mark Andrews, ISC
> > 
> > 	actually, when the queries stop (e.g. the old resolvers
> > 	are upgraded) the servers will be turned off. the new 
> > 	delegations (and by extention RR types) need to be visable
> > 	first.  
> 
> The community that is doing deployment of IPv6 is somewhat more
> technically astute than the average ISP netop.
> 
> If you are suggesting kicking away crutches from people who need
> them then you really are not going to be much help. Outside MIT
> LCS/AI and the IETF the idea of making a specification into
> an intelligence test is not very popular.

	We are not making it a intellegence test.  It will be the
	same as it is today.  You will go to a site and follow the
	instructions there.

	How to publish.
	* Upgrade your nameserver to one which is XXXX capable
	  Here is a list of servers which are capable.
		  <list of nameservers>
	  If you are running the following OS the nameserver that
	  ships with the OS is XXXX capable.
		  <list of OS's>
	* use our tool to create the relevent record and add it
	  to the zone.

	How to use
	* Upgrade you mail server to a XXXX capable server
		  <list of MTA>

	Most caching servers out there today are capable of handling
	the new record type.

	Once you have setup your MTA here is a email address that
	will attempt to send you a fake email.  It will have the
	following content.  If it gets through you have misconfigured
	your mail server or you need to upgrade your nameserver.
 
> The timescale that a solution has to be deployed in is very
> tight, we have a large number of criminal gangs that are stealing
> the life savings of seniors, many of whom do not exactly have the
> best mental faculties at this point.
>
> The reason that we have to redo PGP and S/MIME in the first place
> is that people were desiging systems to amuse themselves not protect
> real people from real risks. I am dealling with security for real 
> people, not for geeks.
	
	The longer you debate whether it can be done or not just
	increases the amount of work that has to be redone.  You 
	seem to be your own worse enemy here.

	Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews@isc.org

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

References:
- RE: I-D ACTION:draft-iab-dns-choices-00.txt
  - From: "Hallam-Baker, Phillip" <pbaker@verisign.com>

Prev by Date: Re: I-D ACTION:draft-iab-dns-choices-00.txt
Next by Date: RE: I-D ACTION:draft-iab-dns-choices-00.txt
Previous by thread: RE: I-D ACTION:draft-iab-dns-choices-00.txt
Next by thread: Re: I-D ACTION:draft-iab-dns-choices-00.txt
Index(es):
- Date
- Thread