>
> I realize that you, Warren, are virtuous and would not do anything bad with
> all of the secrets people fling at your server, but given the reality of the
> TLD ecosystem, how confident are you that nobody else running such a server
> would?
Precisely why they ought to be notified of thei
> On Oct 3, 2016, at 6:31 PM, Warren Kumari wrote:
>
> ... and just for the record, much much more could have been determined
> (and users better warned / informed) if the address handed out was a
> server which displayed an error / links to more information[0], or if
> the name-servers serving
On 2014-11-07 09:39, Stephane Bortzmeyer wrote:
There is an Internet-Draft "A Survey of Worldwide Censorship
Techniques" draft-hall-censorship-tech-00 which is on the agenda of
the Security Area Open Meeting next week at IETF 91 Honolulu.
I applaud the effort, I've reviewed the DNS part and I fi
On May 8, 2014, at 12:43 PM, Suzanne Woolf wrote:
>
> Ah, sorry. Was trying to reflect what the discussion was saying, not impose
> an “edict”. It seemed like a reasonable starting position.
>
> Do you disagree? If so I’ll hope you’ll say what you think on the subject….
Yes, I think I do disa
On May 7, 2014, at 1:13 PM, Suzanne Woolf wrote:
> This sounds to me like a) support for working on edns-client-subnet (and
> possibly things like it in the future), with b) a resulting RFC as
> "Informational".
>
> I've found this discussion very helpful in solidifying the thoughts Tim
> al
Does anyone have a decent reference to a document that outlines
what operators should be considering WRT DNSSEC (e.g., >512B
thing, allowing TCP, EDNS0 considerations, validating recursors
deployment, any studies to projections of recursive load hits
for RAM, CPU and transactions in various imp
On Sep 3, 2008, at 3:19 PM, Dave CROCKER wrote:
>
> +1
>
> The benefit of an open process is its ability to obtain unexpected
> input that is
> useful.
>
> The detriment is that it places an additional burden on everyone to
> filter out
> the noise.
>
> Failure to do that adds more noise.
I a
On Sep 3, 2008, at 9:42 AM, Dean Anderson wrote:
>
> I choose to report on why this data is not credible and should not be
> accepted by the DNSOP WG.
I believe the WG has heard your position:
"There has been no further discussion of these attacks since the
two very small motivating attacks were
Dean,
I'm not going to argue this point by point with you, I simply
provided data points on what folks who do this as part of their
day job have observed and reported. You can choose to
accept this, or not.
As for bots and C&Cs and what's done in practice today
and what's not, well, I know a lit
On Sep 2, 2008, at 12:44 PM, Dean Anderson wrote:
>
> I find this hard to believe from three standpoints:
>
> 1) the expected number of open DNS recursors and their collective
> bandwidth doesn't seem to be large enough to support a 40Gbps attack.
Really? With trivial amplification vectors 20 lo
On Sep 2, 2008, at 9:47 AM, Joe Abley wrote:
>>
>> There is "usually" no harm to anyone from open resolvers. No one has
>> reported any further attacks since this draft was conceived.
>
> That is not true. It's possible that the forums in which such attacks
> are discussed are not available to you
On Feb 2, 2008, at 4:59 AM, Lican Huang wrote:
> Hi,
>
> Who can tell me why I got a response of a trouble tickect message
> as following when I submit an Internet Draft to Internet-
> [EMAIL PROTECTED] <[EMAIL PROTECTED]> ?
AMS just finished transition of all IETF IT services, and
it appear
On Oct 1, 2007, at 7:42 PM, Mark Andrews wrote:
As for the TSIG or SIG(0) recommendation, I'm not sure what
the numbers are for client support today, but I suspect it's at
best an negligible sample.
Well all Windows XP/2003/Vista boxes can be configured to
support TSIG, with
On Oct 1, 2007, at 1:08 PM, John Kristoff wrote:
Since this group can be a bit pedantic about terminology, what Danny
is referencing is what I was specifically referring to as "resolvers".
I totally made up those four categories for my purposes of describing
some of the work we were doing as a
On Oct 1, 2007, at 1:52 AM, Stephane Bortzmeyer wrote:
On Sun, Sep 30, 2007 at 10:32:39PM -0600,
Danny McPherson <[EMAIL PROTECTED]> wrote
a message of 51 lines which said:
Section 4's reference to BCP 84, in part, creates a false sense of
useful action on part of the opera
I do support this document being published as BCP.
A couple of minor comments:
Section 4's reference to BCP 84, in part, creates a false sense of
useful action on part of the operator, IMO (in addition, there's a
typo; s/were/where/).
In situations were more complex network setups are in pla
16 matches
Mail list logo