Keith,
I do not find language such as 'delusions of authority' to be very helpful
in a technical discussion. Please note the recent posting to the DNS list on
this type of behavior from the IETF chair and attempt to engage in this
debate in a civilized manner.
I was refering to the Working Group. As you know, individual submissions and
all that. I had actually just sent off a note to Paul Vixie to ask about the
behavior of BIND. The issue is not in any case one that can be addressed
through the delegation only DNS zones.
The spam application assumes that action is taken by both the sending and
recieving party wrt DNS. So if part of the deployment requirement for a DNS
based authentication scheme is an upgrade of BIND that is not a problem.
The problem can be fixed without the need for DNSSEC. It just requires a
simple nonce reflection scheme to be added to the DNS protocol. This would
be quite easy to add. You add in a dummy record type which is always
responded to and always contains the exact same data as was present in the
original query.
Phill
-----Original Message-----
From: Keith Moore [mailto:moore(_at_)cs(_dot_)utk(_dot_)edu]
Sent: Thursday, March 06, 2003 3:23 PM
To: Hallam-Baker, Phillip
Cc: moore(_at_)cs(_dot_)utk(_dot_)edu; adam(_at_)cypherspace(_dot_)org;
hadmut(_at_)danisch(_dot_)de;
asrg(_at_)ietf(_dot_)org
Subject: Re: pros and cons of RMX (Re: [Asrg] Declaration to
the world)
On Thu, 6 Mar 2003 11:53:51 -0800
"Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com> wrote:
If DNS is broken we can fix it for this application.
please note - VeriSign does not control DNS, despite their
delusions of
authority.
Keith
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg