Randy Bush wrote: >> What problem are we specifically trying to solve here again? > > not break things that are working
Yup. Qmail or any software produced by djb adhering the existing standards of the Internet. Paul Vixie wrote: > everything is broken, depending on whom you ask. The worst broken thing in DNS is DNSSEC. As a person who have been saying DNSSEC has been broken from the beginning, after which, as certain amount of operational experiences, it was revised several times along ways to fix some (but not all), IMHO, broken parts, may I volunteer to fix not ANT but DNSSEC entirely? Before replying me, remember that you have been saying, from the beginning, that DNSSEC was OK if it were properly implemented. I may temporally ignore fundamental operational impossibility of DNSSEC and try to make it least harmful w.r.t. DDOS. Masataka Ohta _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop