trouble with .gov dns?
Edward Lewis
Ed.Lewis at neustar.biz
Tue May 3 17:11:10 UTC 2011
At 18:53 +0200 5/3/11, Florian Weimer wrote:
>* David Conrad:
>
>> On May 2, 2011, at 10:19 PM, Florian Weimer wrote:
>>> I would go even further---the DO bit is not about DNSSEC at all.
>>
>> Err, yes it is.
>
>I know you think it is, but you're wrong if you look at the overall
>protocol.
This is becoming a thread-to-the-death over a general weakness in the
DNS protocol. (Realizing this mailing list is NANOG, not an IETF
one.) Like it or not, "versioning" and "negotiation" are
poor-to-non-existent in DNS. What's happening here is a document
author (David) meant one thing and implementations (e.g., BIND)
interpreting the document another way. It doesn't matter that David
is right (in that he meant it another way, and the way is what the WG
meant), it more matters that the ship has sailed on "fixing" this in
implementations. And frankly, the fix isn't that important in
retrospect because what the implementers did is actually ok, we can
and we do live nicely with it.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis
NeuStar You can leave a voice message at +1-571-434-5468
Me to infant son: "Waah! Waah! Is that all you can say? Waah?"
Son: "Waah!"
More information about the NANOG
mailing list