Thank you for the elegant response. BCP 61 describes this issue well, too. https://tools.ietf.org/html/bcp61
DNS seems like it still operates in the clear, and that doesn't seem good.

thanks,
Rob

On Sun, Jul 14, 2019 at 6:34 PM Paul Vixie <[email protected]> wrote:

> On Sunday, 14 July 2019 23:09:00 UTC Rob Sayre wrote:
> > Paul Vixie wrote:
> > > ...
> >
> > Was DNS intentionally designed to be insecure?
>
> no. nor ip itself, or ncp which preceded it, or tcp, or udp, or icmp, or
> smtp, or http. it was insecure because it evolved in a safe, germ free
> academic bubble. absolutely none of it was designed with billions of people
> in mind, or the full cross section of humanity which would include criminals
> and national intelligence services. the world of the internet in 2019 would
> have been seen as a total freak show by the community who deployed dns in
> the 1980's.
>
> nothing that can be abused won't be. you may or may not believe this; it's
> considered controversial, and there are arguments being had about it today.
>
> but no one considered that now-controversial near-truism at all when the
> core internet protocols were first designed and implemented. the idea of
> abuse was considered novel in the 1990's when commercialization and
> privatization brought abuse into the internet world and burst the academic
> bubble. a lot of old timers blamed AOL and MSN and even Usenet for the
> problems, but in actuality, it's what humans _always_ do at scale. putting
> the full spectrum of human culture atop a technology platform designed for
> academic and professional culture should have been understood to be a recipe
> for disaster.
>
> --
> Paul
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
