Re: draft-iab-dns-applications - clarification re: Send-N

ietf

Re: draft-iab-dns-applications - clarification re: Send-N

2010-10-20 20:14:39

Phillip Hallam-Baker wrote:


The weakest DNS architectural idea is the notion that DNS resolvers are
untrusted. This is simply wrong. Every DNS resolver performs a trusted role.


Nope, just the opposite.  Name to address translation is meant to
be an extremely lightweight and fast service.

Hostnames are NOT supposed to be trusted in any way and it a serious
misconception to think they're trusted.

If you want to authenticate your peer, use something like an SSH host key.
The routing of datagrams on the internet is also untrusted, so any notion
that a service that translates hostnames into IP-Addresses should be
trusted is fatally flawed and is totally ignorant about the fundamental
architecture of the internet.

-Martin
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: draft-iab-dns-applications - clarification re: Send-N, (continued) Re: draft-iab-dns-applications - clarification re: Send-N, John Levine Re: draft-iab-dns-applications - clarification re: Send-N, Ray Bellis Re: draft-iab-dns-applications - clarification re: Send-N, Martin Rex Re: draft-iab-dns-applications - clarification re: Send-N, Phillip Hallam-Baker RE: draft-iab-dns-applications - clarification re: Send-N, Richard Shockey Re: draft-iab-dns-applications - clarification re: Send-N, bill manning Re: draft-iab-dns-applications - clarification re: Send-N, David Conrad Re: draft-iab-dns-applications - clarification re: Send-N, bill manning RE: draft-iab-dns-applications - clarification re: Send-N, Richard Shockey Re: draft-iab-dns-applications - clarification re: Send-N, Phillip Hallam-Baker Re: draft-iab-dns-applications - clarification re: Send-N, Martin Rex <= Re: draft-iab-dns-applications - clarification re: Send-N, Mark Andrews Re: draft-iab-dns-applications - clarification re: Send-N, Phillip Hallam-Baker Re: draft-iab-dns-applications - clarification re: Send-N, Martin Rex Re: draft-iab-dns-applications - clarification re: Send-N, Mark Andrews Re: draft-iab-dns-applications - clarification re: Send-N, Masataka Ohta Re: draft-iab-dns-applications - clarification re: Send-N, Olaf Kolkman Re: draft-iab-dns-applications - clarification re: Send-N, Phillip Hallam-Baker Re: draft-iab-dns-applications - clarification re: Send-N, Peterson, Jon Re: draft-iab-dns-applications - clarification re: Send-N, Masataka Ohta Re: draft-iab-dns-applications - clarification re: Send-N, Bernie Hoeneisen

Previous by Date:	Re: draft-iab-dns-applications - clarification re: Send-N, Masataka Ohta
Next by Date:	Re: draft-iab-dns-applications - clarification re: Send-N, Mark Andrews
Previous by Thread:	Re: draft-iab-dns-applications - clarification re: Send-N, Phillip Hallam-Baker
Next by Thread:	Re: draft-iab-dns-applications - clarification re: Send-N, Mark Andrews
Indexes:	[Date] [Thread] [Top] [All Lists]