ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Proposed DNSSEC Plenary Experiment for IETF 74

2008-11-27 16:13:54
from [Dave CROCKER] [Permanent Link] 


Steve Crocker wrote:
[As entertainment for the audience, I am sure everyone will enjoy seeing my brother and I take opposite sides in this discussion. Enjoy ;) ] 
...

There are three distinct elements of what's being planned.

...
Russ's note initiated discussion of this last piece without setting the context with the first two pieces. Let me say a few words about each piece. 
...
In line with David's note, there are indeed a lot of details to cover, including explanatory notes on how end systems need to be configured to ask for signed responses. measurements, etc., etc. All normal stuff and all part of what we are more than capable of doing all the time. 


Steve, et al,
Damn. Given your opening, I was hoping for something a little more entertaining. Especially since the only "side" my note was intended to take was to observe the stated objections and suggest moving into a project-planning mode, so that debate was about concrete details.
What you've done is to agree that there are quite a few details. As you note, the mailing list didn't yet have the context to be aware that, apparently, many are already in place. 

So I'd class your note as a follow-through of mine, rather than opposing it...
Reference to signing ietf.org suggests that the intent is to limit the experiment to operation within the ietf.org domain name. But since you and others have refereed to other branches that are signed, I assume more elaborate scenarios are intended to work.
That is, since we know that the full DNS tree isn't signed, I assume that there are constraints on the scenarios that can be tested. 

What are they?
And in line with your final paragraph, we do need details for the many client platforms: linices, windows, and mac platforms... and maybe some of the mobile ones, such as WM7, Android, ...? 

A quick google for windows dnssec produces no useful points high in the 
sequence.

d/

--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Proposed DNSSEC Plenary Experiment for IETF 74, Steve Crocker
Next by Date:  Re: Proposed DNSSEC Plenary Experiment for IETF 74, Lucy Lynch
Previous by Thread:  Re: Proposed DNSSEC Plenary Experiment for IETF 74, Steve Crocker
Next by Thread:  Re: Proposed DNSSEC Plenary Experiment for IETF 74, Stephane Bortzmeyer
Indexes:  [Date] [Thread] [Top] [All Lists]