Verisign Responds

Wayne E. Bouchard web at typo.org
Wed Sep 24 20:11:48 UTC 2003


The fact of the change is operational. The specifics may not be. In
this case, you've gone beyond general operational content and started
to delve into protocol specifications and the implementation thereof
for which there is a dedicated list in which there are people with
quite a bit more average knowledge and experience in the matter than
folks here.

IMO, namedroppers is definitely the better forum.

On Wed, Sep 24, 2003 at 02:46:06PM -0500, Jack Bates wrote:
> 
> Paul Vixie wrote:
> 
> >you are confused. and in any case this is off-topic. take it to 
> >namedroppers,
> >but before you do, please read rfc's 1033, 1034, 1035, 2136, 2181, and 
> >2317.
> 
> Can someone please tell me how a change to a critical component of the 
> Internet which has the capacity to cause harm is not an operational issue?
> 
> A TLD issues a wildcard. Instead of discovering if records match the 
> wildcard and returning NXDOMAIN (which is what everyone wanted), the 
> software was designed to restrict records based on delegation.
> 
> Delegation was not broken. The changes made allow engineers to break it. 
> I'd consider this an issue. Reports have already come in of all the 
> various domains that people will mandate delegate-only for. For the 
> record, .museum was listed several times despite the request in 
> documentation to not force delegation, as were other zones.
> 
> In fact, many people were confused. They didn't understand what zone 
> delegation was. For the record, I've read all the RFC's you posted. To 
> many, it's an issue of wildcards. Yet BIND didn't solve the wildcard 
> problem. It solved a delegation problem, which was not only "not broken" 
> but has traditional use.
> 
> Which "countermeasures" being implemented did the IAB have an issue 
> with? I wonder since their argument against the wildcards was the fact 
> that it breaks traditional use. BIND now easily breaks traditional use.
> 
> -Jack
> 
> 

---
Wayne Bouchard
web at typo.org
Network Dude
http://www.typo.org/~web/