[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Subject: [IP] Re: weakness in the DNS protocol
________________________________________ From: Erik Huizer [huizer@cs.uu.nl] Sent: Thursday, July 10, 2008 4:30 AM To: David Farber Subject: Re: [IP] Re: weakness in the DNS protocol Dave, While I mostly agree with your assesment I'd like to point out that something is moving in the DNSSEC area. PIR, the registry running .ORG has initiated deployment of DNSSEC. In April it submitted a plan for DNSSEC deployment to ICANN, which was ok-ed at the last ICANN meeting. The PIR board decided we did not want to wait any longer for a signed root and that we need to move forward, carefully, to get field deployment experience at the least. Gr. Erik Huizer a PIR Board member ================== prof. dr. Erik Huizer Internet Applications Institute of Information and Computing Sciences University Utrecht The Netherlands ================== David Farber wrote: > ________________________________________ > From: Dave Crocker [dcrocker@bbiw.net] > Sent: Wednesday, July 09, 2008 7:43 PM > To: David Farber > Cc: ip; Steven M. Bellovin > Subject: Re: [IP] Re: weakness in the DNS protocol > > David Farber wrote: >> From: Steven M. Bellovin [smb@cs.columbia.edu] > ... >> As ISC notes, DNSSEC is really the path we need to follow. > > > Work on DNSSec began almost 15 years ago, as a consequence of DNS > vulnerabilities being identified. (I was the cognizant IETF Area Director who > initiated it.) > > Yet we have virtually no adoption of DNSSec and no real plan for its adoption, > including signing the root or, ummm, routing around the DNSSec model's need for > signing the root. Discussion about progress? Sure. Actually progress, no? > > Most exchanges, like those that have just taken place on the IP list, simply end > by saying that DNSSec is the answer. Unfortunately, that utterance does not > solve the problem. > > We really do need to hear something that is more concrete, more pragmatic, and > more promising. > > d/ > -- > > Dave Crocker > Brandenburg InternetWorking > bbiw.net > > > > ------------------------------------------- -- -------------------------------------------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Powered by eList eXpress LLC