Re: [ga] Progress of DNSSEC?: Can .gov trust .com?

["Jeffrey A. Williams" <jwkckid1@xxxxxxxxxxxxx>]

<HEAD><TITLE></TITLE>
<STYLE>body{font-family: 
Geneva,Arial,Helvetica,sans-serif;font-size:10pt;font-family:arial,sans-serif;background-color:#ffffff;color:black;}p{margin:0px}</STYLE>

<META name=GENERATOR content="MSHTML 8.00.6001.18928"></HEAD>
<BODY id=compText>
<P>Eric and all,</P>
<P>&nbsp;</P>
<P>&nbsp; I see from your comments that you two don't understand the current 
ongoing implimentation</P>
<P>of DNSSEC nor have been following along with the WG mailing list of 
same.&nbsp; That's unfortunate</P>
<P>as making such comments and/or observations in vaccum tends to promote 
misinformation.</P>
<P>&nbsp;</P>
<P>&nbsp; There is no 'Bad Faith' per se in the current ongoing DNSSEC 
project.&nbsp; What there 'MAY'</P>
<P>be and likely will turn out to be, is a group of 'covering trust anchor 
servers' that are in both the</P>
<P>private and public sectors that have no checks of ballences/oversight upon 
them and their</P>
<P>operation, ergo leading to potentially less that capable reliability of of 
the method of</P>
<P>implimentation of DNSSEC, or perhaps even DNSSEC itself.&nbsp; This is 
therefore a institutional</P>
<P>form of 'Bad Faith' that can be corrected while in process, but if not 
addressed soon, provides</P>
<P>no long of mid term confidence, just another MMS like situation but perhaps 
a hybrid sort of</P>
<P>MMS.&nbsp; <BR></P>
<P>&nbsp;</P>
<P>&nbsp; To be clear again, I preferred DNScurve to DNSSEC, but as I stated 
some time ago,</P>
<P>DNSSEC is a good and needed facility 'IF' and 'ONLY IF' it is not wattered 
down or </P>
<P>subverted in implimentation.&nbsp; The current implimentation method 
selected thus far</P>
<P>is both wattered down, and subverted from DNSSEC's intent to a significant 
and perhaps</P>
<P>dangerous degree accordingly.<BR><BR></P>
<BLOCKQUOTE style="BORDER-LEFT: #0000ff 2px solid; PADDING-LEFT: 5px; 
MARGIN-LEFT: 0px">-----Original Message----- <BR>From: Hugo Monteiro 
<HUGO.MONTEIRO@xxxxxxxxxx><BR>Sent: Jun 9, 2010 6:22 PM <BR>To: Matthew Pemble 
<MATTHEW@xxxxxxxxxx><BR>Cc: ga@xxxxxxxxxxxxxx <BR>Subject: Re: [ga] Progress of 
DNSSEC?: Can .gov trust .com? <BR><BR><ZZZHTML><ZZZHEAD><ZZZMETA 
content="text/html; charset=ISO-8859-1" 
http-equiv="Content-Type"></ZZZHEAD><ZZZBODY bgcolor="#ffffff" 
text="#000000">On 06/09/2010 05:15 PM, Matthew Pemble wrote: 
<BLOCKQUOTE 
cite=mid:AANLkTimFwbhzEEHAGnV1m6vOh4GCTkXbj12dekE8NjjM@xxxxxxxxxxxxxx 
type="cite">Folks,<BR><BR>
<DIV class=gmail_quote>On 9 June 2010 16:31, Hugh Dierker <SPAN dir=ltr>&lt;<A 
href="mailto:hdierker2204@xxxxxxxxx"; target=_blank 
moz-do-not-send="true">hdierker2204@xxxxxxxxx</A>&gt;</SPAN> wrote:<BR>
<BLOCKQUOTE style="BORDER-LEFT: rgb(204,204,204) 1px solid; MARGIN: 0pt 0pt 0pt 
0.8ex; PADDING-LEFT: 1ex" class=gmail_quote>
<TABLE border=0 cellSpacing=0 cellPadding=0>
<TBODY>
<TR>
<TD style="FONT-FAMILY: inherit; font-size-adjust: inherit; font-stretch: 
inherit" vAlign=top>
<DIV>Matthew, </DIV>
<DIV>&nbsp;</DIV>
<DIV>I would like to know: Do you think this DNSSEC process is being advanced 
in good faith?</DIV></TD></TR></TBODY></TABLE></BLOCKQUOTE>
<DIV><BR><BR>I'm not sure. I certainly don't think that the NIST guidelines are 
evidence or even indication of bad faith.&nbsp; There are clearly issues with 
DNSSEC and alternatives (ie 
DNSCurve.)<BR><BR></DIV></DIV></BLOCKQUOTE><BR><BR>Mathew and 
all,<BR><BR>There's already at least one DNSCurve implementation for testing. 
Please read the following thread for more information.<BR><BR><ZZZMETA 
content="text/html; charset=ISO-8859-1" http-equiv="content-type"><A 
href="http://marc.info/?l=djbdns&amp;m=127540258707206&amp;w=2"; 
target=_blank>http://marc.info/?l=djbdns&amp;m=127540258707206&amp;w=2</A><BR><BR>I'll
 sure be doing a test drive in a few weeks, when things get slower over 
here.<BR><BR>Regards,<BR><BR>Hugo Monteiro.<BR><BR><PRE class=moz-signature 
cols="72">-- 
fct.unl.pt:~# cat .signature

Hugo Monteiro
Email    : <A class=moz-txt-link-abbreviated 
href="mailto:hugo.monteiro@xxxxxxxxxx"; 
target=_blank>hugo.monteiro@xxxxxxxxxx</A>
Telefone : +351 212948300 Ext.15307
Web      : <A class=moz-txt-link-freetext href="http://hmonteiro.net"; 
target=_blank>http://hmonteiro.net</A>

Divisão de Informática
Faculdade de Ciências e Tecnologia da
                   Universidade Nova de Lisboa
Quinta da Torre   2829-516 Caparica   Portugal
Telefone: +351 212948596   Fax: +351 212948548
<A class=moz-txt-link-abbreviated href="http://www.fct.unl.pt"; 
target=_blank>www.fct.unl.pt</A>                <A 
class=moz-txt-link-abbreviated href="mailto:apoio@xxxxxxxxxx"; 
target=_blank>apoio@xxxxxxxxxx</A>

fct.unl.pt:~# _
</PRE><PRE class=moz-signature cols="72">Regards,

Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 300+k members/stakeholders and growing, 
strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is very
often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B; liability
depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of
Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402 E-Mail jwkckid1@xxxxxxxxxxxxx
Phone: 214-244-4827
</PRE></ZZZBODY></ZZZHTML></BLOCKQUOTE></BODY>