Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Allowing DNS servers to operate behind NetScreen 500

From: tqbf () sockpuppet org
Date: Sat, 15 Feb 2003 09:03:14 -0800
Tobias, is that some type of bait?  DJB's ideas on the issue are quite
well known, he thinks we should all go back to a hosts file and
copying it from machine to machine.  Are you using ``nym-based
security'', currently?  When are you going to start?


This is a ridiculous ad-hominem that has no relevance whatsoever to
Bernstein's actual position in the DNS security controversy. 

At issue is whether any credible set of protocols and plans exists to
cryptographically secure DNS with a hierarchy of keys. Since Vixie himself
seems to have indicated that the DNSSEC protocols Bernstein has refused
to implement were a false start, don't you feel a bit embarassed using
them as an excuse to bash an implementor on a public mailing list?

If the moderators of fw-wizards want to let the list become a forum for
debating DNSSEC and the DNS security proposals, so be it. I question
whether the expertise exists on this list to make that a productive
endeavor.

---
Thomas H. Ptacek
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: