On Aug 23, 2013, at 9:19 AM, Paul Vixie <[email protected]> wrote: > if nasa.gov had screwed up its delegation or had allowed its public secondary > servers to expire the zone due to primary unreachability, i do not think the > phone at comcast would have rung less, but i also don't think that comcast > would have fixed nasa's error in local policy.
That's because every resolver operator would have been affected, not just Comcast, so the screams that Comcast (alone) was censoring NASA for <conspiracy theory du jour) would have been trivially dismissed. If you want a reminder of the stupidity Comcast (alone AFAIK) experienced, see http://nasawatch.com/archives/2012/01/comcast-blocks.html > we're only talking about this because DNSSEC is new. Of course. NTA is a mechanism that allows folks who want to do the right thing to do so without incurring costs that folks who aren't interested in doing the right thing won't incur. As more folks start validating, the playing field levels out and the need for NTA decreases. Regards, -drc
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
