[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [idn] IDN rechartering rev 3

To: "Eric A. Hall" <ehall@ehsco.com>
Subject: Re: [idn] IDN rechartering rev 3
From: Dave Crocker <dhc@dcrocker.net>
Date: Mon, 19 Nov 2001 00:20:02 -0800
Cc: idn@ops.ietf.org
In-Reply-To: <3BF8BC31.47725AFC@ehsco.com>
References: <5.1.0.14.2.20011112160731.022fe998@dcrocker.net><00fd01c170ad$e4f74cf0$94615ed3@jamessonyvaio><5.1.0.14.2.20011118213409.03a8d258@dcrocker.net>

At 02:00 AM 11/19/2001 -0600, Eric A. Hall wrote:
>Dave Crocker wrote:
> > That means the DNS client and the DNS Administration interfaces that
> > creates DNS entries.  No other part of the system needs to change.
>
>Under the current spec, hostile redirects are trivially easy.

In what way does the translation/encapsulation approach of an ACE alter the 
current fundamentals of DNS security.  It is odd that your assessment of 
the security risk is not shared by others who have worked with the DNS for 
a long time.

In particular, how does the proposal ADD the security risk you describe?

(By the way, there are a number of other questions still awaiting your 
answer from an earlier message of today.  Please do find the time to 
respond to them.)

>You have made it clear that you despise basic science

Actually I mostly despise ad hominems during a technical exchange, though 
it is easy to appreciate the temptation.

>but it should be equally clear that it is far too early to be annointing 
>anything the winner in this process

Perhaps you have experience with other standards work that drags on for 
many years, but is still successful.  Alas, that is not the track record in 
the IETF (or ISO or ITU).  No doubt it would be fascinating to hear 
recitation of such successes.

Some other time, however.  This topic has been hashed, re-hashed, and 
otherwise made a hash of, by these sorts of exchanges.  After two years, 
detailed specifications are in short supply.  In fact, there is only one 
with enough detail to consider completing soon.  It is thorough, has 
minimal operational impact, satisfies the functional requirements, and has 
substantial consensus.

And, by the way, it is entirely acceptable that you disagree.  That's why 
we call IETF consensus "rough".  (The word also covers that ad hominems.)

d/

----------
Dave Crocker  <mailto:dcrocker@brandenburg.com>
Brandenburg InternetWorking  <http://www.brandenburg.com>
tel +1.408.246.8253;  fax +1.408.273.6464

Follow-Ups:
- Re: [idn] IDN rechartering rev 3
  - From: "Eric A. Hall" <ehall@ehsco.com>

References:
- Re: [idn] IDN rechartering rev 3
  - From: Dave Crocker <dhc@dcrocker.net>
- Re: [idn] IDN rechartering rev 3
  - From: "James Seng/Personal" <jseng@pobox.org.sg>
- Re: [idn] IDN rechartering rev 3
  - From: Dave Crocker <dhc@dcrocker.net>
- Re: [idn] IDN rechartering rev 3
  - From: "Eric A. Hall" <ehall@ehsco.com>

Prev by Date: Re: [idn] Re: [JET-member 665] REORDERING evaluation by existing Chinese domain names
Next by Date: Re: [idn] IDN rechartering rev 3
Prev by thread: Re: [idn] IDN rechartering rev 3
Next by thread: Re: [idn] IDN rechartering rev 3
Index(es):
- Date
- Thread