> From: Keith Moore [mailto:moore@xxxxxxxxxx] > > > maybe this is because "protocol purity zealots" take a long term > > > view and want to preserve the flexibility of the net "market" to > > > continue to grow and support new applications, whereas the NAT > > > vendors are just eating their seed corn. > > > > Your long term view is irrelevant if you are unable to meet > short term > > challenges. > > very true. but at the same time, it's not enough to meet short term > challenges without providing a path to something that is > sustainable in the long term. Which is why abdicating responsibility for meeting short term challenges is so detrimental. DNSSEC has been held up unnecessarily for five years because successive WG chairs have failed to understand the urgency of certain critical deployment issues. I would also like the IAB to take a pro-active role of telling WGs that certain requirements are essential for deployment. In the case of DNSSEC the privacy issue of stopping zone walking is essential if there is going to be forward progress, as is the requirement that the cost of turning on DNSSEC on a resolver be proportional to the security value, ie. Proportional to the number of signed zones. Blocking the technology required to address two issues has held up DNSSEC for five years. People can dispute opinions but not facts. The fact is that it has taken far too long to deploy DNSSEC.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf