Hi Paul,
No oars - just a bit of a broken paddle.
On 7/07/2014 2:14 pm, "Paul Vixie" wrote:
>
>
>right now, root name servers are part of an explicit, hand-maintained
>NOTIFY tree. thus, all internet actions depending on root zone content
>have up-to-the-minute data if not up-to-the-second data
In message <53ba1e98.9030...@redbarn.org>, Paul Vixie writes:
>
> i am not joe, but i strongly +1'd his response on this thread, so i'm
> putting my oar back into the water now.
>
> Mark Andrews wrote:
> > In message , Joe Abley writes:
> >>
> >> 5.1. Pros
> >>
> >> o Junk queries / negative
Paul,
This seems like a fine and modular approach that doesn't boil the ocean.
Eliot
On 7/5/14, 5:04 AM, Paul Vixie wrote:
> i've now seen a number of proposals reaction to "the snowden
> disclosures", seeking channel encryption for dns transactions. i have
> some thoughts on the matter which ar
i am not joe, but i strongly +1'd his response on this thread, so i'm
putting my oar back into the water now.
Mark Andrews wrote:
> In message , Joe Abley
> writes:
>>
>> 5.1. Pros
>>
>> o Junk queries / negative caching - Currently, a significant number
>>of queries to the root servers are
In message , Joe Abley writes:
> Hi Paul, Warren,
>
> On 4 July 2014 at 16:50:08, Paul Hoffman (paul.hoff...@vpnc.org) wrote:
>
> > Greetings. Warren and I have done a major revision on this draft,
> narrowing the design
> > goals, and presenting more concrete proposals for how the mechanism
Moin!
On 05 Jul 2014, at 18:11, Joe Abley wrote:
> TL;DR: there are way more cons than pros to this proposal. The pros listed
> are weak; the cons listed are serious. I don't see a net advantage to the DNS
> (or to perceived performance of the DNS for any client) here. This proposal,
> if impl
Matthäus Wander wrote:
> * Paul Vixie [7/5/2014 7:47 PM]:
>> Matthäus Wander wrote:
>>> DTLS works on top of UDP (among others) and thus can pass CPE devices.
>> no, it cannot. DTLS does not look something that the CPE was programmed
>> to accept; thus in many cases it is silently dropped.
>>
>
>
This is really a design question.
As far as I am concerned, DNS is and always will be a first class Internet
protocol. It is the foundation for everything else. The syntax etc can
change but it is a building block other stuff should build on, not
something that can leverage other facilities.
So t
* Paul Vixie [7/5/2014 7:47 PM]:
> Matthäus Wander wrote:
>> DTLS works on top of UDP (among others) and thus can pass CPE devices.
>
> no, it cannot. DTLS does not look something that the CPE was programmed
> to accept; thus in many cases it is silently dropped.
>
DTLS can be used on top of UDP