On Thu, 18 Mar 2004, Yakov Shafranovich wrote:
Paul Vixie wrote:
vjs(_at_)calcite(_dot_)rhyolite(_dot_)com (Vernon Schryver) writes:
... but I don't see any direct connection between [DNSSEC] and a
replacement for DNS blacklists.
i know. but you asked about trust query protocols, not about blackhole
lists. as the creator of the first blackhole list, let me just say,
"they don't scale."
Are you saying that a new secure scalable trust query protocol be help?
What about the inherent resistance of existing people to change?
This excuse is used as stop sign for number of new idea or protocol change
in case of IETF. Don't listen to it - propose the ideas and work on them,
if its truly good - it should be at least attempted.
As far as trust protocol or whatever, this is very far from mainstream and
current mechanisms are either within group of geeks using PGP or large
corporations that use S/MIME and need it for their internal policies.
It has not entered society at large so we still have time to come up with
something good that will make it worth it for that to happen.