
Re: [dnsext] SPF isn't going to change, was Deprecating SPF

2013-08-25 04:08:25
On Sat, Aug 24, 2013 at 6:43 PM, <bmanning(_at_)vacation(_dot_)karoshi(_dot_)com> wrote:

On Sat, Aug 24, 2013 at 08:39:36AM -0400, Phillip Hallam-Baker wrote:
On Fri, Aug 23, 2013 at 3:46 PM, manning bill <bmanning(_at_)isi(_dot_)edu> wrote:


        the question is not that "nobody" checks type 99, the question is
        "is the rate of adoption of type 99 -changing- in relation to
        type 16?"


As John pointed out, support for checking type 99 has decreased and
continues to decrease rather than increase. So waiting longer is not
going to solve the issue.

        that is unclear...  we have second hand reports, but only actual
        data from very recent DNS logs.   did those numbers increase or
        decrease?  No evidence has been presented.


We have statements from people who are involved in the industry concerned
and no reason to believe that they are lying.

This is not a reasonable objection and it is really not at all surprising
that people are getting rude when people are refusing to accept what the WG
considers established facts.



Putting a statement in an RFC does not mean that the world will
automatically advance towards that particular end state.

        ain't it the truth.  -BUT- it's still worthwhile documenting the
        best technical path and why it was abandoned.   The issues wrt
        wildcards (thanks), DNSSEC considerations,  and code overhead to
        demux type 16  vs.  the temporary problem of two lookups -IF- type
        99 is not used, plus past guidance from the IAB and the IESG really
        need to make it into a document in the RFC canon.


I don't think it was ever about the right technical path. It was about the
DNSEXT group not caring to bother to get their DNSSEC infrastructure
adopted by the constituencies they needed buy-in from, then trying to make
that effort the problem of the SPF people.


Forcing a WG to adopt a position to suit another constituency is not going
to lead them to advocate for that position in deployment constituencies.
Particularly when the original constituency does nothing to advance
deployment.

        Dorothy Parker said: "You can lead a whore to culture, but you
        can't make her think".
        Point the bias arrow either way you'd like.  And as stated
        elsewhere, if Yahoo, Google, Microsoft, AOL, et al. were simply
        waiting for the IETF to settle on a solution,
        I'll raise O'Dell's law;  "The installed base does not matter"

It's a stupid and wrong 'law'.

The deployed base is all that matters because before you get to the 'viral
marketing' network effects give you the 'chicken and egg problem'.

The reason HTTP and the Web took off was because we actually designed it to
take off fast. Meanwhile IPv6 and DNSSEC are still in the same state they
were 15 years ago, on the cusp of deployment in 5 years time. A large part
of the reason has been that the people pushing those initiatives have acted
as if deployment was inevitable.

I ran simulation studies of adoption to work out how to sell the Web.


The companies you cite have no stake in DNSSEC deployment. So why expect
them to favor a technical measure designed to facilitate DNSSEC deployment?

-- 
Website: http://hallambaker.com/