Re: Why have we gotten away from running code?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Bill Manning wrote:

>     thats -one- reason that DNSSEC has gestated these long months/years.
>     operational feedback killed the first three attempts and may cripple the
>     current version beyond repair.

Remember that the current DNSSEC protocol was, without much
discussion, chosen without running code, against a counter
proposal of mine with running code.

With the counter proposal, a lot of pitfalls not avoided by
DNSSEC was pointed out. There are a lot of subtlety in DNS
related to delegation, CNAME, wild cards and so on, none of
which was addressed by DNSSEC.

However, the pitfalls are ignored. Resulting implementations
were buggy, of course. The pitfalls are reconsidered and worked
around later only from operational experiences, which was a long
and painful experience.

With the demonstration of so miserable quality of the
specification and implementations, it is not surprising that
DNSSEC is not accepted at all by operators community.

But, I'm not saying running code is above all.

What's essential is not running code itself but acceptance
by the end users, imprecise proxy of which is acceptance by
operators, imprecise proxy of which is acceptance by
implementors, that is, running code, imprecise proxy of which
is IETF consensus, which means there is little point for IETF
to standardize protocols.

						Masataka Ohta

PS

It turns out that both the WG and I was wrong that DNSSEC is
not at all deployed is a good thing, because DNSSEC gives no
better security than so called weak security (If you can
trust CAs and their employees between you and your peer that
they won't sign forged public key of you unconsciously nor
maliciously, you can trust ISPs and their employees between
you and your peer that they won't route your packets to
someone else not having the destination IP addresses
unconsciously nor maliciously).

So, instead of introducing DNSSEC, just rely on ISPs and the
destination IP addresses and use 3 way handshakes with cookies
to securely confirm the source IP addresses are not forged.
ISPs are as reliable as CAs. If you think ISPs are not so
reliable, CAs neither.



_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]