Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?

Joe Greco jgreco at ns.sol.net
Sat Jul 26 15:05:18 CDT 2008


> what i do not understand is why people think screaming to the choir will
> make any significant difference?

Think about it.  Would you rather nobody make a big deal about it and have
it go unpatched lots of places, and have nobody understand what a monumental
train wreck this all is, or would it be better that people take some notice,
and have resources like NANOG available to help them make the case about
how this needs to be patched, and also just how much we all need DNSSEC?

Sometimes the only thing you can do is scream at the choir, but if that can
make even a small difference, why not?

And Paul's absolutely correct, this is not something where we can afford to
let that happen.  You will be affected regardless, whether it is because 
your customers are relying on an answer provided by a nameserver somewhere
else in the infrastructure that has been corrupted, or whatever.  And
patching does not appear to guarantee invulnerability (eek!)

The Really Scary Possibilities (at least the one that really frightens me)
Have Not Been Discussed On This List.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.




More information about the NANOG mailing list