> >I worry especially when I can not clearly see a benefit to either cat
> >or mice.
[snip]
> If you are going to attack Verisign, at least pick a weak
> point to target with your attack.
Several public and several private manifestations of this so I'll
answer this one publically, then I am of
>I worry especially when I can not clearly see a benifit to either cat
>or mice.
The current serial number format supports a maximum of 100
changes to the .com zone per day. If you store your zone as
text files on a hard drive that is more than enough.
But! What if you consider the zone to be a
Subject: Re: Upcoming change to SOA values in .com and .net zones Date: Thu, Jan 08,
2004 at 08:35:54AM -0800 Quoting Owen DeLong ([EMAIL PROTECTED]):
> I don't see any real reason for Verisign to do this, other than possibly
> some
> lazy coding in automation tools (that SN is s
> MMDDnnn exceeds 32 bits for contemporary values of , so that's
> not a viable alternative. YYMMDDnnn would work, but has Y2K-ignorant
> connotations (not that that's particular relevant, post Y2K). Using a
Hmm bearing in mind how the calculation is done YYMMDD (or nnn) wouldnt be
Joe Abley wrote:
>
> On 8 Jan 2004, at 11:35, Owen DeLong wrote:
>
> > I don't see any real reason for Verisign to do this, other than
> > possibly some
> > lazy coding in automation tools (that SN is slightly easier to use as a
> > timestamp in automation than one that is the encoded date). It
On Thu, 8 Jan 2004, Rob Pickering wrote:
> Noted, but the large number of rabid posts on nanog about said minor
> change doesn't exactly make it *harder* for them to propagate the
> "200 zealots" theory!
I don't think 24 hours is bad turnaround time to educate all of the people
who tossed out po
On 8 Jan 2004, at 11:35, Owen DeLong wrote:
I don't see any real reason for Verisign to do this, other than
possibly some
lazy coding in automation tools (that SN is slightly easier to use as a
timestamp in automation than one that is the encoded date). It
doesn't provide
the functionality th
(Although I do know of some scripts that check the serial of the gltd
servers for things like monitoring new domains, deletes,...)
Any such scripts should require only _VERY_ minor tweakage or one-time
manual
intervention. For any such issue, I think 30 days is more than reasonable
notice.
Owen
Owen DeLong wrote:
> 5 Eventually, the fact that this didn't matter was pointed out by
> some.
>
> I don't see any real reason for Verisign to do this, other than
> possibly some lazy coding in automation tools (that SN is slightly
> easier to use as a timestamp in automation than one that is t
--On Wednesday, January 7, 2004 5:43 PM -0800 "Martin J. Levy"
<[EMAIL PROTECTED]> wrote:
There should be no end-user impact resulting from these changes ...
I believe there have been 26 (opps, now 27) responses to this
announcement in the last 2 hours 45 minutes, that's about one response
ev
--On 08 January 2004 11:54 +0100 Stephane Bortzmeyer
<[EMAIL PROTECTED]> wrote:
For very minor changes, they tell the 200 technical zealots
Noted, but the large number of rabid posts on nanog about said minor
change doesn't exactly make it *harder* for them to propagate the
"200 zealots" theor
>> I shall now go and penitentially stand in the very heavy rain and wind
>> that England is enjoying today.
> I'll do the same (same weather in .be today :(() for irritating randy :)
hey, we got six inches (about 15cm) of snow on the island, and
snow is a once every three year thing for us.
ran
.
> > I didn't notice anybody saying "thank you for doing the right thing
> > by announcing the change" amongst the flurry of jerking knees. So,
> > thank you for doing the right thing. Good luck with the maintenance.
>
> And should we thank Verisign for doing for a very minor change what
>
>No, they are not learning. At least this is not what their CEO says:
http://www.redherring.com/Article.aspx?f=articles/2003/12/14c9995f-5557-4dc4-ad48-4548360c2095/14c9995f-5557-4dc4-ad48-4548360c2095.xml
After reading that article I got curious about who
Overture is. A quick search on Google g
On Thu, Jan 08, 2004 at 05:21:33AM -0800,
Avleen Vig <[EMAIL PROTECTED]> wrote
a message of 22 lines which said:
> Verisign is learning their lesson, and it might take a while yet, but
...
> Verisign didn't do right last time, but they did this time.
No, they are not learning. At least this i
On Thu, Jan 08, 2004 at 12:43:40PM +, Ian Mason wrote:
>
> Whoops, here I sit with egg on my face. My excuse for misreading the date
> was it was late in the day here after a busy evening.
>
> I unreservedly apologize for my haste in condemning Verisign and withdraw
> my remarks.
>
> I sh
On Thu, Jan 08, 2004 at 11:24:33AM +0100, Stephane Bortzmeyer wrote:
> > I didn't notice anybody saying "thank you for doing the right thing
> > by announcing the change" amongst the flurry of jerking knees. So,
> > thank you for doing the right thing. Good luck with the maintenance.
>
> And shou
RFC 2182 Section 7 covers this as Randy Bush mentioned earlier..
If They do serial # updates, in a scripted manner or they just change the serial
number to 4000
let it propagate and then change to 100 something all will be fine...
The RFC above explains it well, no need to repost here...
At 00:01 08/01/2004, Ian Mason wrote:
At Wed, 7 Jan 2004 17:46:23 -0500, Matt Larson wrote:
VeriSign Naming and Directory Services will change the serial number
format and "minimum" value in the .com and .net zones' SOA records on
or shortly after 9 February 2004.
[snip]
But because these
zo
On Wed, Jan 07, 2004 at 05:43:01PM -0800,
Martin J. Levy <[EMAIL PROTECTED]> wrote
a message of 9 lines which said:
> I believe there have been 26 (opps, now 27) responses to this
> announcement in the last 2 hours 45 minutes, that's about one response
> every 6 minutes.
This is normal and re
On Wed, Jan 07, 2004 at 07:41:54PM -0500,
Joe Abley <[EMAIL PROTECTED]> wrote
a message of 16 lines which said:
> I didn't notice anybody saying "thank you for doing the right thing
> by announcing the change" amongst the flurry of jerking knees. So,
> thank you for doing the right thing. Good
PROTECTED]>
Sent: Wednesday, January 07, 2004 11:04 PM
Subject: Re: Upcoming change to SOA values in .com and .net zones
> Alexei Roudnev writes on 1/8/2004 2:00 AM:
>
> > If they do this change, theyll break a tremendows number of systems
around.
>
> Like, for example?
>
Alexei Roudnev writes on 1/8/2004 2:00 AM:
If they do this change, theyll break a tremendows number of systems around.
Like, for example?
--
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations
:38 PM
Subject: Re: Upcoming change to SOA values in .com and .net zones
>
> On Wed, Jan 07, 2004 at 11:34:46PM +, Maarten Van Horenbeeck wrote:
> > Hi Frank,
>
> Dag Maarten,
>
> > > stuid question, but isn't 2004010101 (today) > 1076370400 (9 Feb
2004)
> > | but isn't 2004010101 (today) > 1076370400 (9 Feb 2004)?
yup.
> ...
> The way BIND/etc determine when a new zone file has been issued is by
> seeing if it has a higher SN than the currently caches zone.
>
> Frank's question is that when view simply as 10 digit integers (which is
> how BIND
On Wed, 7 Jan 2004, Laurence F. Sheldon, Jr. wrote:
>
> Frank Louwers wrote:
>
> > stuid question, but isn't 2004010101 (today) > 1076370400 (9 Feb 2004)?
>
> Are you suggesting Yet Another Carefully Thought Out Change?
And don't forget - "after much public discussion" :-)
>
> Well, it _is_
> At Wed, 7 Jan 2004 17:46:23 -0500, Matt Larson wrote:
> >VeriSign Naming and Directory Services will change the serial number
> >format and "minimum" value in the .com and .net zones' SOA records on
> >or shortly after 9 February 2004.
>
> Matt, was it not possible for Verisign to give more tha
--On Wednesday, January 7, 2004 23:17 + Richard D G Cox
<[EMAIL PROTECTED]> wrote:
On 7 Jan 2004 23:02 UTC Frank Louwers <[EMAIL PROTECTED]> wrote:
| > generated twice per day, so NN is usually either 00 or 01.)
| > January 1970.) For example, a zone published on 9 February 2004 might
| >
> Hence there seems to be at least some impact on the community and that's
> before these changes are even implemented. :-)
The only impact is to our mailboxes wrt messages from people who do not
fully grok the (non)issue.
>There should be no end-user impact resulting from these changes ...
I believe there have been 26 (opps, now 27) responses to this announcement in the last
2 hours 45 minutes, that's about one response every 6 minutes.
Hence there seems to be at least some impact on the community and that's be
> >VeriSign Naming and Directory Services will change the serial number
> >format and "minimum" value in the .com and .net zones' SOA records on
> >or shortly after 9 February 2004.
> Matt, was it not possible for Verisign to give more than 30 hours notice
of
> these changes? This is an Internet-
Frank,
I normally keep quiet on these lists, enough people post without me
doing it.
>> Yes, but we all know there are quite some non-compliant dns-servers out
>> there. Do they want to break the largest zone for a few days for all
>> non-compliant servers?
Can you explain how this can plausibl
On Thu, 8 Jan 2004, Ian Mason wrote:
> At Wed, 7 Jan 2004 17:46:23 -0500, Matt Larson wrote:
>
> >VeriSign Naming and Directory Services will change the serial number
> >format and "minimum" value in the .com and .net zones' SOA records on
> >or shortly after 9 February 2004.
On 7 Jan 2004, at 17:46, Matt Larson wrote:
There should be no end-user impact resulting from these changes
(though it's conceivable that some people have processes that rely on
the semantics of the .com/.net serial number.) But because these
zones are widely used and closely watched, we want t
At Wed, 7 Jan 2004 17:46:23 -0500, Matt Larson wrote:
VeriSign Naming and Directory Services will change the serial number
format and "minimum" value in the .com and .net zones' SOA records on
or shortly after 9 February 2004.
[snip]
But because these
zones are widely used and closely watched,
Hi Frank,
Thanks for your reply.
> Yes, but we all know there are quite some non-compliant dns-servers out
> there. Do they want to break the largest zone for a few days for all
> non-compliant servers?
The serial should not be of any importance except to the .com & .net slave
nameservers. To
Hi Frank,
Thanks for your reply.
> Yes, but we all know there are quite some non-compliant dns-servers out
> there. Do they want to break the largest zone for a few days for all
> non-compliant servers?
The serial should not be of any importance except to the .com & .net slave
nameservers. To
Alexander Kiwerski wrote:
>
> On 7 Jan 2004 @ 15:25 PST Richard DG Cox wrote:
>
> >|On 7 Jan 2004 23:02 UTC Frank Louwers <[EMAIL PROTECTED]> wrote:
> >| > generated twice per day, so NN is usually either 00 or 01.)
> >| > January 1970.) For example, a zone published on 9 February 2004 might
>
>> Go read RFC 1982. They can do it that way without any real trouble as
>> long as all of the secondary (B-M) servers are tweaked. Check out section
>> 7 in particular.
>
> I know, but:
> - they didn't mention it
the number of things they did not mention is O(aleph null), perhaps
you are sup
"Laurence F. Sheldon, Jr." wrote:
> And from the stupid question file, is 1912 a standard? (RFC Editor
> says it is "Informational".
And it is amusing to read what it says about wild cards too.
Frank Louwers wrote:
>
> On Wed, Jan 07, 2004 at 11:34:46PM +, Maarten Van Horenbeeck wrote:
> > Hi Frank,
>
> Dag Maarten,
>
> > > stuid question, but isn't 2004010101 (today) > 1076370400 (9 Feb 2004)?
> >
> > This doesn't apply here. It is perfectly possible to decrease the value
> > of
> > > stuid question, but isn't 2004010101 (today) > 1076370400 (9 Feb 2004)?
> >
> > This doesn't apply here. It is perfectly possible to decrease the value
> > of your serial number without any consequences for the DNS slave/master
> > zone transfers, if you adhere to the procedures put forwar
On Wed, 7 Jan 2004, Robert Blayzor wrote:
>
> On 1/7/04 6:31 PM, "Frank Louwers" <[EMAIL PROTECTED]> wrote:
>
> > Don't they use MMDDNN now? So today's version whould be 2004010801.
> > AFAIK, 1076370400 is actually "less" then 2004010801...
> >
> > I know there are ways to "trick" nameser
On Wed, Jan 07, 2004 at 04:08:01PM -0800, Philip J. Nesser II wrote:
> Go read RFC 1982. They can do it that way without any real trouble as
> long as all of the secondary (B-M) servers are tweaked. Check out section
> 7 in particular.
I know, but:
- they didn't mention it
- are all dnsserver r
Go read RFC 1982. They can do it that way without any real trouble as
long as all of the secondary (B-M) servers are tweaked. Check out section
7 in particular.
---> Phil
On Thu, 8 Jan 2004, Frank Louwers wrote:
>
> On Wed, Jan 07, 2004 at 11:17:58PM +, Richard D G Cox wrote:
> >
> > | b
> Don't they use MMDDNN now? So today's version whould be 2004010801.
> AFAIK, 1076370400 is actually "less" then 2004010801...
>
> I know there are ways to "trick" nameservers in believing less is more,
> but that requires at least 2 changes, and I don't know if that is
> actually RFC-compli
On 1/7/04 6:31 PM, "Frank Louwers" <[EMAIL PROTECTED]> wrote:
> Don't they use MMDDNN now? So today's version whould be 2004010801.
> AFAIK, 1076370400 is actually "less" then 2004010801...
>
> I know there are ways to "trick" nameservers in believing less is more,
> but that requires at lea
On 7 Jan 2004 @ 15:25 PST Richard DG Cox wrote:
>|On 7 Jan 2004 23:02 UTC Frank Louwers <[EMAIL PROTECTED]> wrote:
>| > generated twice per day, so NN is usually either 00 or 01.)
>| > January 1970.) For example, a zone published on 9 February 2004 might
>| > have serial number "1076370400". Th
On Wed, Jan 07, 2004 at 11:34:46PM +, Maarten Van Horenbeeck wrote:
> Hi Frank,
Dag Maarten,
> > stuid question, but isn't 2004010101 (today) > 1076370400 (9 Feb 2004)?
>
> This doesn't apply here. It is perfectly possible to decrease the value
> of your serial number without any consequen
In message <[EMAIL PROTECTED]>, Richard D G Cox writes:
>
>On 7 Jan 2004 23:02 UTC Frank Louwers <[EMAIL PROTECTED]> wrote:
>| > generated twice per day, so NN is usually either 00 or 01.)
>| > January 1970.) For example, a zone published on 9 February 2004 might
>| > have serial number "10763704
On Wed, Jan 07, 2004 at 11:17:58PM +, Richard D G Cox wrote:
>
> | but isn't 2004010101 (today) > 1076370400 (9 Feb 2004)?
>
> Nope!
>
> >> The new format will be the UTC time at the moment of zone generation
> >> encoded as the number of seconds since the UNIX epoch.
>^
On Wed, 7 Jan 2004, Richard D G Cox wrote:
>
> On 7 Jan 2004 23:02 UTC Frank Louwers <[EMAIL PROTECTED]> wrote:
>
> | stuid question
>
> Yup!
>
> | but isn't 2004010101 (today) > 1076370400 (9 Feb 2004)?
>
> Nope!
>
> >> The new format will be the UTC time at the moment of zone generation
> >> en
On 7 Jan 2004 23:02 UTC Frank Louwers <[EMAIL PROTECTED]> wrote:
| > generated twice per day, so NN is usually either 00 or 01.)
| > January 1970.) For example, a zone published on 9 February 2004 might
| > have serial number "1076370400". The .com and .net zones will still
| > be generated twic
Frank Louwers wrote:
> stuid question, but isn't 2004010101 (today) > 1076370400 (9 Feb 2004)?
Are you suggesting Yet Another Carefully Thought Out Change?
Well, it _is_ the first one this year.
Matt Larson wrote:
>
> VeriSign Naming and Directory Services will change the serial number
> format and "minimum" value in the .com and .net zones' SOA records on
> or shortly after 9 February 2004.
>
> The current serial number format is MMDDNN. (The zones are
> generated twice per day, s
On Wed, Jan 07, 2004 at 05:46:23PM -0500, Matt Larson wrote:
> The current serial number format is MMDDNN. (The zones are
> generated twice per day, so NN is usually either 00 or 01.) The new
> format will be the UTC time at the moment of zone generation encoded
> as the number of seconds si
VeriSign Naming and Directory Services will change the serial number
format and "minimum" value in the .com and .net zones' SOA records on
or shortly after 9 February 2004.
The current serial number format is MMDDNN. (The zones are
generated twice per day, so NN is usually either 00 or 01.)
57 matches
Mail list logo