On 03/16/15 18:07, Yunhong Gu wrote:
On Mon, Mar 16, 2015 at 8:50 PM, Michael Sinatra mich...@brokendns.net
mailto:mich...@brokendns.net wrote:
On 3/16/15 4:15 PM, P Vixie wrote:
On March 17, 2015 7:42:09 AM GMT+09:00, Michael Sinatra
mich...@brokendns.net
On Mon, 16 Mar 2015, Jacob Appelbaum wrote:
Subject: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt
Is this meant to replace or augment draft-grothoff-iesg-special-use-p2p-names ?
- most importantly is the date October 1st. On that date we'll have a
death day for currently
On Thursday, March 12, 2015 12:39:17 PM Florian Weimer wrote:
On 03/12/2015 11:36 AM, Jan Včelák wrote:
And does anyone actually use opt out with NSEC3?
Yes, .com for example. My impression was that Opt-Out was the selling
point of NSEC3, not the domain name hashing.
Okay. Are they
On Mon, Mar 16, 2015 at 11:53:17PM +0900, Paul Vixie wrote:
that is not the use case for this. the updated document makes clear that
the iteration complexity in split-authority systems having a lightweight
front end, is the situation where ANY is painful.
Sorry? We solve implementation
On 16 Mar 2015, at 15:05, bert hubert bert.hub...@netherlabs.nl wrote:
Sorry? We solve implementation hardship by standards action now?
Some modern Authoritative servers, such as those used by CDN's, do
not have DNS zones. For those servers answering ANY query truthfully
is hard
My apologies for not seeing this sooner. In section 5. Security
Considerations:
To ensure that an older CSYNC record making use of the soaminimum flag
cannot be replayed to revert values, the SOA serial number MUST NOT be
incremented by more than 2^16 during the lifetime of the signature
window
On Mon, Mar 16, 2015 at 03:16:08PM +, Ray Bellis wrote:
Hypothetically, if you're using one of those funky NoSQL-style backends
where RRs are looked up in a key-value store directly from a (QNAME,
QTYPE) tuple I can see how supporting QTYPE == ANY would be tricky.
At DNS query rates, you
bert hubert mailto:bert.hub...@netherlabs.nl
Monday, March 16, 2015 11:23 PM
On Mon, Mar 09, 2015 at 04:18:12PM +0100, bert hubert wrote:
On Mon, Mar 09, 2015 at 11:08:03AM -, D. J. Bernstein wrote:
My qmail software is very widely deployed (on roughly 1 million SMTP
server IP
On 16 Mar 2015, at 15:22, bert hubert bert.hub...@netherlabs.nl wrote:
At DNS query rates, you could just query purely based on the name as the
key. You'd have to do so anyhow to determine what kind of NXDOMAIN/NOERROR
response to generate!
Yes, that's a good point :)
Or are we going to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 03/16/15 23:20, Paul Wouters wrote:
It seems odd that two documents would be requesting an IANA action for
.onion ?
*** Well yes, it sounds like a mistake to me. But we can also consider
it a god-given gift for people who argued against
Tony Finch wrote:
If the response would be NOERROR / NODATA and the zone is not signed,
synthesize a NULL RR and use that as the answer.
It seems a little bit off to re-use the NULL RRtype, which has been
reserved for experimental use, for this. There are at least some
(marginal) uses of the
11 matches
Mail list logo