[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Noah's principle

To: namedroppers@ops.ietf.org
Subject: Noah's principle
From: Roy Arends <roy@nominet.org.uk>
Date: Tue, 12 Dec 2006 12:22:52 +0000
Delivery-date: Tue, 12 Dec 2006 12:30:53 +0000
Envelope-to: namedroppers-data@psg.com

I've read MSJ's SO document. I think the approach is certainly 
interesting, but I'm not convinced that Mike's proposal (the part that 
deals with absence of authenticated denial/proven non-existence) will 
significantly increase DNSSEC deployment, which I think is the main 
motivation behind this proposal. I like the idea of the signer being a 
non-parent, (or, for that matter, the signed being a non-child), but that 
is IMHO a whole new research topic.

The discussion on the validity of deploying DNSSEC, or on the feasibility 
or impact of attacks on DNS, is repetitive and old, and has less 
participants every time around. I'm going to apply Noah's principle for my 
own involvement these particular Namedroppers discussions: no more prizes 
on forecasting rain; only for building arks. 

DNSSEC development and deployment is real. A few TLD's deploy DNSSEC, and 
most of the DNS related software developers I've talked to have, or are 
willing to implement DNSSEC. Microsoft's public commitment on adding 
DNSSEC to their server/resolver set is yet one more prize. Meanwhile, 
everyone who wants to use or deploy DNSSEC is screaming for tools, so more 
prizes to win there.

Roy Arends
Nominet

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

Prev by Date: Re: DNSSEC - Signature Only vs the MX/A issue.
Next by Date: RE: DNSSEC - Signature Only vs the MX/A issue.
Previous by thread: Re: 2929bis RRTYPE Allocation for the ENUM Branch Location Record
Next by thread: Re: Noah's principle
Index(es):
- Date
- Thread