Randy Bush wrote:
>> What problem are we specifically trying to solve here again?
>
> not break things that are working
Yup. Qmail or any software produced by djb adhering the existing
standards of the Internet.
Paul Vixie wrote:
> everything is broken, depending on whom you ask.
The worst broken thing in DNS is DNSSEC.
As a person who have been saying DNSSEC has been broken from the
beginning, after which, as certain amount of operational experiences,
it was revised several times along ways to fix some (but not all),
IMHO, broken parts, may I volunteer to fix not ANT but DNSSEC entirely?
Before replying me, remember that you have been saying, from the
beginning, that DNSSEC was OK if it were properly implemented.
I may temporally ignore fundamental operational impossibility of
DNSSEC and try to make it least harmful w.r.t. DDOS.
Masataka Ohta
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
