On 15 apr 2012, at 03:23, Warren Kumari wrote:
> Once most ISPs are performing validation there should be fewer screwups, and
> NTAs should be almost never needed -- but until we get to that point I think
> that they are needed, and the net security wins outweigh the costs…
...and my point is t
On Apr 13, 2012, at 6:02 PM, Patrik Fältström wrote:
>
> On 13 apr 2012, at 23:43, Nicholas Weaver wrote:
>
>> Likewise, comcast being blamed for...
>
> Because (1) they seem to be the only large resolver operator that do
> validation(?) and (2) people like us on this list try to work out end
On 2012-04-14 1:51 AM, Doug Barton wrote:
> ... The problem, and I cannot emphasize this highly enough, is that
> there is absolutely no way for an ISP (or other end-user site doing
> recursion/validation) to determine conclusively that the failure they
> are seeing is due to a harmless stuff-up, v
On Apr 13, 2012, at 3:30 PM, Jaap Akkerhuis wrote:
>> More pragmatically, while I understand the theory behind rejecting NTAs,
>> I have to admit it feels a bit like the IETF rejecting NATs and/or DNS
>> redirection. I would be surprised if folks who implement NTAs will stop
>>