Will there be online audio access to this presentation like other ietf
sessions?
-邮件原件-
发件人: dnsop-boun...@ietf.org [mailto:dnsop-boun...@ietf.org] 代表 Jakob
Schlyter
发送时间: 2009年11月4日 13:15
收件人: dnsop@ietf.org
主题: [DNSOP] IETF 76: Root DNSSEC Presentation with QA
I'm happy to invite DNSOP
Interesting News!
There must be a hidden trick to introduce DNS Jumbograms we just
forgot to mention
In a press article [1] entitled
Root zone changes may shake up Net in Africa,
Computerworld wrote:
| From January 2010, ICANN will implement DNSSEC -- using a technique
| also known as
Question: Have people been able to estimate how large the signed root
zone response will be?
I'm assuming its below the magic 1500B level for standard queries. Is
this correct?
Oh, and one thing to watch out for: Some IP stacks I've noticed will
set DF on UDP datagrams, if the
On Wed, Nov 04, 2009 at 11:09:53AM -0800, Nicholas Weaver wrote:
Question: Have people been able to estimate how large the signed root
zone response will be?
I'm assuming its below the magic 1500B level for standard queries. Is
this correct?
Oh, and one thing to watch out for: Some
cool eh? although I suspect she ment responses.
--bill
On Wed, Nov 04, 2009 at 07:58:41PM +0100, Alfred Hvnes wrote:
Interesting News!
There must be a hidden trick to introduce DNS Jumbograms we just
forgot to mention
In a press article [1] entitled
Root zone
On Nov 4, 2009, at 11:41 AM, Matthew Dempsky wrote:
On Wed, Nov 4, 2009 at 11:26 AM, bmann...@vacation.karoshi.com
wrote:
The current deployment plan is to stage things to push out
large responses
early - prior to having any actual DNSSEC usable data ...
ostensibly to
Bill Manning wrote:
cool eh? although I suspect she ment responses.
--bill
Yet responses usually did not go *to* the root servers so far.
I'm getting confused.:-) :-)
Did anybody ever have a prejudice against journalists?
-- reconsider, please! :-)
Alfred.
P.S.: Disclosing
[namedroppers dropped as this felt more operational to me]
On Nov 4, 2009, at 11:09 AM, Nicholas Weaver wrote:
Question: Have people been able to estimate how large the signed root zone
response will be?
Response to what? Using the current IANA 'normal root servers' testbed:
% dig
On Nov 4, 2009, at 11:41 AM, Matthew Dempsky wrote:
On Wed, Nov 4, 2009 at 11:26 AM, bmann...@vacation.karoshi.com wrote:
The current deployment plan is to stage things to push out large
responses
early - prior to having any actual DNSSEC usable data ... ostensibly
to
* Alfred Hönes:
There must be a hidden trick to introduce DNS Jumbograms we just
forgot to mention
The claims about firewall issues seems dubious to me. It's certainly
not the 512 byte limit which is a problem here---I think we've got
pretty good empiric evidence that it's not a problem
On Nov 4, 2009, at 3:02 PM, David Conrad wrote:
[namedroppers dropped as this felt more operational to me]
On Nov 4, 2009, at 11:09 AM, Nicholas Weaver wrote:
Question: Have people been able to estimate how large the signed
root zone response will be?
Response to what? Using the current
* David Blacka:
I actually researched this, and need to spend some time cleaning up
the report before posting it to this list. But the bottom line is
that yes, all responses save a few at the apex of root are below 1500b
(actually, below 1100b). The responses that are larger are . rrsig
* Nicholas Weaver:
Also, has someone done a study what the major recursive resolvers do
on response failures from a root? Do they go to another first or do
they try a smaller EDNS MTU?
Note that switching seems beneficial because six roots MTUs clearly
support MTUs less than 1500, and seven
On Nov 4, 2009, at 3:39 PM, Florian Weimer wrote:
* David Blacka:
I actually researched this, and need to spend some time cleaning up
the report before posting it to this list. But the bottom line is
that yes, all responses save a few at the apex of root are below
1500b
(actually, below
In message af9e632c-c470-4ea8-9bb4-bf144d208...@icsi.berkeley.edu, Nicholas W
eaver writes:
On Nov 4, 2009, at 11:41 AM, Matthew Dempsky wrote:
On Wed, Nov 4, 2009 at 11:26 AM, bmann...@vacation.karoshi.com
wrote:
The current deployment plan is to stage things to push out
On Wed, Nov 4, 2009 at 11:26 AM, bmann...@vacation.karoshi.com wrote:
The current deployment plan is to stage things to push out large
responses
early - prior to having any actual DNSSEC usable data ... ostensibly to
flush out DNSmtu problems.
Is this plan to push out
On Wed, Nov 4, 2009 at 12:04 PM, David Conrad d...@virtualized.org wrote:
On Nov 4, 2009, at 11:41 AM, Matthew Dempsky wrote:
On Wed, Nov 4, 2009 at 11:26 AM, bmann...@vacation.karoshi.com wrote:
The current deployment plan is to stage things to push out large
responses
early
On 5/11/2009, at 10:45 AM, Matthew Dempsky wrote:
I'd appreciate if someone could clarify what the large responses
that will preexist actual DNSSEC usable data that Bill Manning is
referring to are. It's unclear to me whether it's still technically
DNSSEC data and hence would require a client
In message 87639qrq25@mid.deneb.enyo.de, Florian Weimer writes:
* Alfred H=F6nes:
There must be a hidden trick to introduce DNS Jumbograms we just
forgot to mention
The claims about firewall issues seems dubious to me. It's certainly
not the 512 byte limit which is a problem
19 matches
Mail list logo