<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [ga] Re: Resolving .gov w/dnssec
- To: Hugh Dierker <hdierker2204@xxxxxxxxx>
- Subject: Re: [ga] Re: Resolving .gov w/dnssec
- From: Joe Baptista <baptista@xxxxxxxxxxxxxx>
- Date: Fri, 23 Apr 2010 11:22:17 -0400
On Fri, Apr 23, 2010 at 12:15 AM, Hugh Dierker <hdierker2204@xxxxxxxxx>wrote:
> Fair trade is necessary trade. Unnecessary tradeoffs are lame.
>
I agree. It is a tradeoff and not fair trade.
> These problems are not necessary -- except that they are within the given
> framework of lack of motivation to do better. It comes down to this, if we
> set our standards outside of competitive models there is no incentive to do
> better. ICANN, the Dnssec and this SAIC are working within government
> sanctioned slobbery, both intellectual and economic slobbery. I used to
> think it was snobbery, now I know it is a laziness born of shovel leaning
> bureaucrats. You may be kind and call it "make work" but would you call
> intentional fraud "make work"? Buggy whips and Railroad fireman is what this
> is.
>
Again I agree. DNSSEC is a snow job by committee. SAIC is a joke. "I" root
server in Beijing is still down. Where is SAIC on that.
>
> The plan I am putting together for the inculsives will generate some new
> fire under the pants of these obstructionists and they will find that a
> better mousetrap can be built.
>
Thank you - I and my TLD holders thank you.
regards
joe baptista
>
>
>
> --- On *Thu, 4/22/10, Joe Baptista <baptista@xxxxxxxxxxxxxx>* wrote:
>
>
> From: Joe Baptista <baptista@xxxxxxxxxxxxxx>
> Subject: [ga] Re: Resolving .gov w/dnssec
> To: cet1@xxxxxxxxx, "ga@xxxxxxxxxxxxxx >> GA" <ga@xxxxxxxxxxxxxx>
> Cc: "Paul Wouters" <paul@xxxxxxxxxxxxx>, "Bind Users Mailing List" <
> bind-users@xxxxxxxxxxxxx>, "Timothe Litt" <litt@xxxxxxx>
> Date: Thursday, April 22, 2010, 8:07 AM
>
> Looks like the future of the DNSSEC make work project includes resolution
> failures here and there. More security - less stability - guaranteed
> slavery. I wounder if it's a fair trade.
>
> we'll see ..
> regards
> joe baptista
>
> On Thu, Apr 22, 2010 at 10:52 AM, Chris Thompson
> <cet1@xxxxxxxxx<http://us.mc529.mail.yahoo.com/mc/compose?to=cet1@xxxxxxxxx>
> > wrote:
>
>> On Apr 22 2010, Paul Wouters wrote:
>>
>> On Thu, 22 Apr 2010, Timothe Litt wrote:
>>>
>>> I'm having trouble resolving uspto.gov with bind 9.6.1-P3 and 9.6-ESV
>>>> configured as valdidating resolvers.
>>>>
>>>> Using dig, I get a connection timeout error after a long (~10 sec)
>>>> delay.
>>>> +cdflag provides an immediate response.
>>>>
>>>
>>> Is anyone else seeing this? Ideas on how to troubleshoot?
>>>>
>>>
>>> I have the same problems with our validating unbound instance.
>>>
>>
>> I suspect that this has to do with
>>
>> dig +dnssec +norec dnskey uspto.gov @dns1.uspto.gov.
>> dig +dnssec +norec dnskey uspto.gov @sns2.uspto.gov.
>>
>> failing with timeouts, while dig +dnssec +norec +vc dnskey uspto.gov @
>> dns1.uspto.gov.
>> dig +dnssec +norec +vc dnskey uspto.gov @dns2.uspto.gov.
>>
>> work fine ... with a 1736-byte answer. Probably the fragmented
>> UDP response is getting lost somewhere near the authoritative
>> servers themselves.
>>
>> --
>> Chris Thompson
>> Email:
>> cet1@xxxxxxxxx<http://us.mc529.mail.yahoo.com/mc/compose?to=cet1@xxxxxxxxx>
>>
>>
>> _______________________________________________
>> bind-users mailing list
>> bind-users@xxxxxxxxxxxxx<http://us.mc529.mail.yahoo.com/mc/compose?to=bind-users@xxxxxxxxxxxxx>
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>
>
>
>
--
Joe Baptista
www.publicroot.org
PublicRoot Consortium
----------------------------------------------------------------
The future of the Internet is Open, Transparent, Inclusive, Representative &
Accountable to the Internet community @large.
----------------------------------------------------------------
Office: +1 (360) 526-6077 (extension 052)
Fax: +1 (509) 479-0084
Personal: http://baptista.cynikal.net/
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|