Re: Public shaming list for ISPs announcing other ISPs IP space by mistake

2008-08-14 Thread David Conrad
On Aug 14, 2008, at 11:13 AM, <[EMAIL PROTECTED]> <[EMAIL PROTECTED] > wrote: ARIN holds the top of that authority and delegation hierarchy because they give out the ASnums and IP address blocks. And here I thought IANA handed out ASnums and IP address blocks to ARIN (and RIPE and LACNIC and

Re: Public shaming list for ISPs announcing other ISPs IP space by mistake

2008-08-14 Thread David Conrad
On Aug 14, 2008, at 9:47 AM, brett watson wrote: We're lacking the authority and delegation model that DNS has, I think? If one were to ignore layer 9 politics, it could be argued the authority/delegation models between DNS and address space are quite analogous. DNS: IANA maintains "."

Re: route policy (Re: Public shaming list for ISPs announcing other ISPs IP space by mistake)

2008-08-14 Thread David Conrad
Hi, On Aug 14, 2008, at 6:38 AM, Brandon Butterworth wrote: http://blog.wired.com/27bstroke6/2008/08/experts-accuse.html "The Internet Assigned Numbers Authority -- which coordinates the internet -- has been prototyping a system to sign the root-zone file for the last year, but they can't do th

Re: IPv6 FAQ

2008-08-08 Thread David Conrad
On Aug 8, 2008, at 3:53 PM, Deepak Jain wrote: According to: http://www.netbsd.org/docs/network/ipv6/ The fine folks at NetBSD really need to update their IPv6 FAQ. That stuff looks like the IPv6 marketing spiel from 1997 or so that has long ago been proven ... 'optimistic'. Rather than

Re: Exploit for DNS Cache Poisoning - RELEASED

2008-07-25 Thread David Conrad
Valdis, On Jul 24, 2008, at 6:05 PM, [EMAIL PROTECTED] wrote: On Thu, 24 Jul 2008 17:43:10 PDT, David Conrad said: On Jul 24, 2008, at 4:24 PM, Tomas L. Byrnes wrote: The problem is, once the ICANNt root is self-signed, the hope of ever revoking that dysfunctional mess as authority is gone

Re: Exploit for DNS Cache Poisoning - RELEASED

2008-07-24 Thread David Conrad
On Jul 24, 2008, at 4:24 PM, Tomas L. Byrnes wrote: The problem is, once the ICANNt root is self-signed, the hope of ever revoking that dysfunctional mess as authority is gone. Sorry, I don't follow -- sounds like FUD to me. Care to explain this? As far as I'm aware, as long as the KSK isn't

Re: Exploit for DNS Cache Poisoning - RELEASED

2008-07-23 Thread David Conrad
Hi, On Jul 23, 2008, at 3:51 PM, Robert D. Scott wrote: Actually you are not missing anything. It is a brute force attack. I haven't looked at the exploit code, but the vulnerability Kaminsky found is a bit more than a brute force attack. As has been pointed out in various venues, it takes

Re: Multiple DNS implementations vulnerable to cache poisoning

2008-07-10 Thread David Conrad
On Jul 10, 2008, at 2:59 AM, Joao Damas wrote: PS: I would also want a copy of, or a secure method to access, the public part of the keys you use to sign those ccTLDs so I can place them in ISC's DLV registry IANA's 'interim trust anchor repository' will be publicly accessible (of course).

Re: Multiple DNS implementations vulnerable to cache poisoning

2008-07-10 Thread David Conrad
On Jul 9, 2008, at 8:27 PM, Martin Hannigan wrote: If there is sufficient interest, we could do a bar bof to describe some of the tools IANA has... I think Sandy Murphy or other Sparta folks have presented some of the work they've done on this... Perhaps finding one/some of them and having a

Re: Multiple DNS implementations vulnerable to cache poisoning

2008-07-10 Thread David Conrad
55 PM, Christopher Morrow wrote: On Wed, Jul 9, 2008 at 7:28 PM, David Conrad <[EMAIL PROTECTED]> wrote: On Jul 9, 2008, at 4:17 PM, Randy Bush wrote: aside from just getting some cctlds signed, i will be interested in the tools, usability, work flow, ... i.e. what is it like for a poor inn

Re: Multiple DNS implementations vulnerable to cache poisoning

2008-07-09 Thread David Conrad
On Jul 9, 2008, at 4:17 PM, Randy Bush wrote: aside from just getting some cctlds signed, i will be interested in the tools, usability, work flow, ... i.e. what is it like for a poor innocent cctld which wants to sign their zone? If there is sufficient interest, we could do a bar bof to desc

Re: Multiple DNS implementations vulnerable to cache poisoning

2008-07-09 Thread David Conrad
Love to. We can also put your trust anchors in the prototype ITAR (see the first part of https://par.icann.org/files/paris/IANAReportKim_24Jun08.pdf) . Regards, -drc On Jul 9, 2008, at 2:52 PM, Randy Bush wrote: There are 4 ccTLDs (se, bg, pr, br) that are signed. wanna crawl in a corner

Re: Multiple DNS implementations vulnerable to cache poisoning

2008-07-09 Thread David Conrad
On Jul 9, 2008, at 10:39 AM, <[EMAIL PROTECTED]> <[EMAIL PROTECTED] > wrote: Pressure your local ICANN officers? Mmph. https://ns.iana.org/dnssec/status.html (it's out of ICANN's hands) Huh!? ... It sounds like ICANN has the matter well in hand to me given that it is only responsible for the

Re: Multiple DNS implementations vulnerable to cache poisoning

2008-07-09 Thread David Conrad
On Jul 9, 2008, at 9:05 AM, Christopher Morrow wrote: Understanding that immediate DNSSEC deployment is not a realistic expectation..." I wonder what NANOG folk can do about the second part of that quote... get the root zone signed, get com/net/org/ccTLD's signed.. oh wait, There are 4 ccTLD

TLDs and file extensions (Re: DNS and potential energy)

2008-07-01 Thread David Conrad
On Jun 30, 2008, at 10:43 PM, James Hess wrote: Sure, nefarious use of say .local could cause a few problems but this is I'd be more concerned about nefarious use of a TLD like ".DLL", ".EXE", ".TXT" Or other domains that look like filenames. Like .INFO, .PL, .SH, and, of course, .COM?

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-30 Thread David Conrad
On Jun 30, 2008, at 1:53 AM, Phil Regnauld wrote: But considering the amount of flag waving and "Caution: Wet Floor" signs ICANN placed when it rolled out something has harmless as the IDN tests in the root, I'm surprised that they haven't thought about all the non

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-30 Thread David Conrad
On Jun 30, 2008, at 12:36 AM, Matthew Petach wrote: If my company pays for and registers a new TLD, let's call it "smtp" for grins, and I create an A record for "smtp." in my top level zone file, how will users outside my company resolve and reach that address? I suspect the assumption is that

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread David Conrad
On Jun 28, 2008, at 4:19 AM, Raoul Bhatia [IPAX] wrote: Tony Finch wrote: On Thu, 26 Jun 2008, Jeroen Massar wrote: thinking of all the nice security issues which come along (home, mycomputer and .exe etc anyone ? :) .exe has the same security properties as .com not exactly, as a lot of u

Re: what problem are we solving? (was Re: ICANN opens up Pandora's Box of new TLDs)

2008-06-28 Thread David Conrad
On Jun 27, 2008, at 8:59 PM, WWWhatsup wrote: David Conrad wrote: With that said, personally, I agree that more attention should be spent on the welfare of the registrants. Unfortunately, given I work for ICANN, my providing comments in the RAA public consultation along those lines would be a

Re: what problem are we solving? (was Re: ICANN opens up Pandora's Box of new TLDs)

2008-06-28 Thread David Conrad
On Jun 27, 2008, at 6:11 PM, Jean-François Mezei wrote: But my uneducated opinion is that this current project appears to let the .TLD loose and this will result in top level domains being meaningless, without any trust. Given the complexity of the new gTLD process, I think it safe to say tha

Re: what problem are we solving? (was Re: ICANN opens up Pandora's Box of new TLDs)

2008-06-27 Thread David Conrad
On Jun 27, 2008, at 3:30 PM, Bill Nash wrote: On Jun 27, 2008, at 10:57 AM, Bill Nash wrote: Out of curiosity, what are the problems you feel ICANN should be spending its time on? For starters, has Verisign ever been sanctioned by ICANN for it's business practices, You mean like Sitefinder

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-27 Thread David Conrad
On Jun 27, 2008, at 1:32 PM, Roger Marquis wrote: Phil Regnauld wrote: As business models go, it's a fine example of how to build demand without really servicing the community. Of all the ways new tlds could have been implemented this has to be the most poorly thought out. Oh, no. There

Re: what problem are we solving? (was Re: ICANN opens up Pandora's Box of new TLDs)

2008-06-27 Thread David Conrad
On Jun 27, 2008, at 2:02 PM, Scott Francis wrote: what little assurance we have that e.g. bankofamerica.com is the legitimate (or should I say, _a_ legitimate) site for the financial institution of the same name becomes less certain when we have e.g. bank.of.america, www.bankofamerica.bank, www.b

Re: what problem are we solving? (was Re: ICANN opens up Pandora's Box of new TLDs)

2008-06-27 Thread David Conrad
On Jun 27, 2008, at 12:23 PM, Scott Francis wrote: If we can't even guarantee reliability with the small handful of TLDs currently in use, when we start introducing arbitrary new ones to anybody that can pay, I'm concerned that it's going to make user support even more of a headache I might sug

Re: what problem are we solving? (was Re: ICANN opens up Pandora's Box of new TLDs)

2008-06-27 Thread David Conrad
On Jun 27, 2008, at 11:58 AM, Phil Regnauld wrote: The process ensures that too few new TLDs will be created for it being a threat to VeriSign This remains to be seen, at least from my perspective. I have no idea how many TLDs are going to make it through the gauntlet or even

Re: what problem are we solving? (was Re: ICANN opens up Pandora's Box of new TLDs)

2008-06-27 Thread David Conrad
On Jun 27, 2008, at 10:57 AM, Bill Nash wrote: I'd rather see ICANN spend time on current problems instead of making new ones. Out of curiosity, what are the problems you feel ICANN should be spending its time on? Regards, -drc

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-27 Thread David Conrad
Hi, On Jun 27, 2008, at 5:22 AM, Alexander Harrowell wrote: Well, at least the new TLDs will promote DNS-based cruft filtration. You can already safely ignore anything with a .name, .biz, .info, .tv suffix, to name just the worst. Does this actually work? The vast majority of spam I recei

Re: what problem are we solving? (was Re: ICANN opens up Pandora's Box of new TLDs)

2008-06-27 Thread David Conrad
On Jun 27, 2008, at 10:24 AM, Scott Francis wrote: more to the point ... what problem is ICANN trying to solve with this proposal? ... perhaps somebody with more insight can explain the rationale to me (DRC?) - is there a purpose served here aside from corporate/legal interests? I suspect one's

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-26 Thread David Conrad
On Jun 26, 2008, at 9:01 PM, Jean-François Mezei wrote: Does anyone know how if the new gTLD system will still give some "veto" power to some people over some domain names that are morally objectable to some people ? See pages 17 - 20 of https://par.icann.org/files/paris/gTLDUpdateParis-23

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-26 Thread David Conrad
On Jun 26, 2008, at 8:12 PM, Jim Popovitch wrote: Is there any "full disclosure" clause in ICANN member contracts such that gifts from, or stock in, a Registrar would be declared? Not sure who an "ICANN member" would be. ICANN as a California 501c(3) has to publish all it's financial details

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-26 Thread David Conrad
On Jun 26, 2008, at 1:34 PM, Ken Simpson wrote: How will ICANN be allocating these? https://par.icann.org/files/paris/GNSO-gTLD-Update-Paris22jun08.pdf Regards, -drc

Re: Types of packet modifications allowed for networks

2008-06-02 Thread David Conrad
Only the end-to-end principle... Perhaps not relevant, but between any two consenting nodes, there can be severe mangling of headers as long as what comes out the other side looks pretty much the same as what went in. CSLIP is an example of this. Regards, -drc

Re: [NANOG] FUS for IP space fragmentation (Re: fair warning: less than 1000 days left to IPv4 exhaustion)

2008-05-09 Thread David Conrad
Hi, On May 9, 2008, at 9:02 PM, Edward B. DREGER wrote: > Talk of IPv6 space hoarding and fragmentation. Ughh. Perhaps we can > avoid repeating IPv4 mistakes with IPv6. Would be nice, but alas, it seems we're doomed to repeat most past mistakes. > Let each allocation be long > enough to cont

Re: [NANOG] fair warning: less than 1000 days left to IPv4

2008-05-04 Thread David Conrad
On May 4, 2008, at 11:37 AM, Tomas L. Byrnes wrote: > The artifact of MIT and others > having /8s while the entire Indian subcontinent scrapes for /29s, can > hardly be considered optimal or right. While perhaps intended as hyperbole, this sort of statement annoys me as it demonstrates an ignora

Re: [NANOG] fair warning: less than 1000 days left to IPv4 exhaustion

2008-05-04 Thread David Conrad
On May 3, 2008, at 8:37 PM, Joel Jaeggli wrote: > William Warren wrote: >> That also doesn't take into account how many /8's are being hoarded >> by >> organizations that don't need even 25% of that space. > which one's would those be? While I wouldn't call it hoarding, can any single (non-ISP)

Re: [NANOG] fair warning: less than 1000 days left to IPv4 exhaustion

2008-05-02 Thread David Conrad
> Has anyone ever figured out how to make multi-homing of customers who > only have a /64 assigned to them work? Same way you make multi-homing of customers who only have a IPv4 /32 assigned to them work, i.e., not well. > Maybe the world really will end, and it's all due to IPv6! Internet doo

Re: [Nanog] ATT VP: Internet to hit capacity by 2010

2008-04-20 Thread David Conrad
Not to defend AT&T or the statement regarding capacity, but... On Apr 20, 2008, at 4:16 AM, Jorge Amodio wrote: > The article is full of gaffes, just to mention one "Internet exists, > thanks > to the infrastructure provided by a group of mostly private > companies". I suspect this was refere

"2M today, 10M with no change in technology"? An informal survey.

2007-08-25 Thread David Conrad
Hi, In another mailing list, someone has asserted that "noone believes router vendors who say [they can support 2M routes today and 10M with no change in technology]". Or perhaps more accurately, the router vendors claiming this are being a bit disingenuous in that while it is possible

Re: large organization nameservers sending icmp packets to dns servers.

2007-08-08 Thread David Conrad
On Aug 8, 2007, at 8:59 AM, Jamie Bowden wrote: How is answering a query on TCP/53 any MORE dangerous than answering it on UDP/53? Really. I'd like to know how one of these security nitwits justifies it. It's the SAME piece of software answering the query either way. How many bytes of s

Re: large organization nameservers sending icmp packets to dns servers.

2007-08-07 Thread David Conrad
Hi, On Aug 7, 2007, at 1:33 PM, Donald Stahl wrote: Can someone, anyone, please explain to me why blocking TCP 53 is considered such a security enhancement? It's a token gesture and does nothing to really help improve security. It does, however, cause problems. It has been argued that it

Re: The Choice: IPv4 Exhaustion or Transition to IPv6

2007-06-29 Thread David Conrad
Christian, On Jun 29, 2007, at 10:13 AM, Christian Kuhtz wrote: If you want to emulate IPv4 Given IPv6 is IPv4 with 96 more bits (or, if you prefer 16 more bits from the ISP perspective), why would you assume there is a choice? and destroy the DFZ, I'm not sure what "destroy the DFZ" m

Re: why same names, was Re: NANOG 40 agenda posted

2007-05-29 Thread David Conrad
Ed, On May 29, 2007, at 12:11 PM, Edward Lewis wrote: If you want to read Dilbert on-line and I tell you that it is available at a certain URL, would you rather I give you "http:// www.dilbert.com" or that I send you "if you use IPv4 then http:// www.dilbert.com" else if you use IPv6 then ht

Re: why same names, was Re: NANOG 40 agenda posted

2007-05-29 Thread David Conrad
Ed, On May 29, 2007, at 9:22 AM, Edward Lewis wrote: First - "the way you ask for names" is not different at the application level, it is different in the "layer" in which you find where to shoot packets. Right. The problem is, the methodology by which you shoot packets may or may not w

Re: IPv6 Advertisements

2007-05-29 Thread David Conrad
Should've clarified: this was in the context of IPv4... To be honest, I'm not sure what the appropriate equivalent would be in IPv6 (/128 or /64? Arguments can be made for both I suppose). Rgds, -drc On May 29, 2007, at 9:34 AM, David Conrad wrote: On May 29, 2007, at 8:23

Re: IPv6 Advertisements

2007-05-29 Thread David Conrad
On May 29, 2007, at 8:23 AM, Donald Stahl wrote: vixie had a fun discussion about anycast and dns... something about him being sad/sorry about making everyone have to carry a /24 for f-root everywhere. Whether it's a /24 for f-root or a /20 doesn't really make a difference- it's a routing ta

Re: NANOG 40 agenda posted

2007-05-29 Thread David Conrad
Jordi, On May 29, 2007, at 6:50 AM, JORDI PALET MARTINEZ wrote: This is useless. Users need to use the same name for both IPv4 and IPv6, Why? The IETF chose to create a new protocol instead of extending the old protocol. Even the way you ask for names is different (A vs. AAAA). Why sho
