nanog mailing list archives
Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking
From: Måns Nilsson <mansaxel () besserwisser org>
Date: Wed, 27 Feb 2019 21:28:54 +0100
Subject: Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking Date: Wed, Feb 27, 2019 at 01:07:09PM -0500 Quoting John Levine (johnl () iecc com):
In article <20190227161327.GA27527 () besserwisser org> you write:that is RFC 7208.[0][0] This document tries to deprecate RRTYPE 99 for SPF. By stating that only TXT records can be trusted. ...This must be a very different RFC 7208 from the one that the IETF published. The IETF one says that nobody used type 99, and some of the few implementations we saw were broken, so we deprecated it.
We will never agree on that. Because I think you were, and are, wrong. Mostly out of eagerness and lack of patience. I'm fairly certain you think I have no idea what I'm talking about. But, to rehash, a little less subtle: My point was that the general state of criminal ignorance about the finer nuances of DNS is so wide spread that around 2038 we'll have an abstraction layer entirely built out of mile-long CNAME chains, because nobody remembers any other record type. CNAMEs we tried to forget too, replacing them with something out of the olde annals of Compuserve, but since the golden standard of resiliency and load balancing is a chain of them pointing into a bookstore's spare servers, we really can't do without them. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE SA0XLR +46 705 989668 Don't worry, nobody really LISTENS to lectures in MOSCOW, either! ... FRENCH, HISTORY, ADVANCED CALCULUS, COMPUTER PROGRAMMING, BLACK STUDIES, SOCIOBIOLOGY! ... Are there any QUESTIONS??
Attachment:
signature.asc
Description:
Current thread:
- Re: A Deep Dive on the Recent Widespread DNS Hijacking, (continued)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking John Levine (Feb 26)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking bzs (Feb 26)
- Re: A Deep Dive on the Recent Widespread DNS Hijacking Bill Woodcock (Feb 26)
- Re: DANE, was A Deep Dive on the Recent Widespread DNS Hijacking John Levine (Feb 26)
- Re: DANE, was A Deep Dive on the Recent Widespread DNS Hijacking Julien Goodwin (Feb 26)
- Re: DANE, was A Deep Dive on the Recent Widespread DNS Hijacking Mike via NANOG (Feb 27)
- Re: DANE, was A Deep Dive on the Recent Widespread DNS Hijacking Töma Gavrichenkov (Feb 27)
- RE: DANE, was A Deep Dive on the Recent Widespread DNS Hijacking Eric Tykwinski (Feb 27)
- Re: DANE, was A Deep Dive on the Recent Widespread DNS Hijacking Måns Nilsson (Feb 27)
- Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking John Levine (Feb 27)
- Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking Måns Nilsson (Feb 27)
- Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking Mark Andrews (Feb 27)
- Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking John R. Levine (Feb 27)
- Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking Mark Andrews (Feb 27)
- Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking John R. Levine (Feb 27)
- Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking Mark Andrews (Feb 27)
- Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking bzs (Feb 27)
- Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking Seth Mattinen (Feb 27)
- Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking Mike Meredith (Feb 28)
- Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking Måns Nilsson (Feb 28)
- Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking Bjørn Mork (Feb 28)