North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: hat tip to .gov hostmasters

  • From: Frank Bulk
  • Date: Tue Sep 23 23:44:13 2008

Pretty soon we'll have a blacklist of DNS servers that don't support DNSSEC
for .gov. =)

Frank

-----Original Message-----
From: Chris Owen [mailto:[email protected]] 
Sent: Monday, September 22, 2008 10:02 AM
To: NANOG list
Subject: Re: hat tip to .gov hostmasters

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sep 22, 2008, at 9:59 AM, Simon Vallet wrote:

> On Mon, 22 Sep 2008 10:52:42 -0400
> "Jason Frisvold" <[email protected]> wrote:
>
>> I'm not much up on DNSSEC, but don't you need to be using a resolver
>> that recognizes DNSSEC in order for this to be useful?
>
> You do -- and last time I checked few native resolvers actually did :
> glibc doesn't, and I'd be surprised if the Windows resolver does

Chicken, meet egg.

I think the point of the original post is that one end or the other
has to start things.  At least we have one US zone doing something on
the server end of things.

Chris

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Chris Owen         ~ Garden City (620) 275-1900 ~  Lottery (noun):
President          ~ Wichita     (316) 858-3000 ~    A stupidity tax
Hubris Communications Inc      www.hubris.net
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
Comment: Public Key: http://home.hubris.net/owenc/pgpkey.txt
Comment: Public Key ID: 0xB513D9DD

iEYEARECAAYFAkjXs30ACgkQElUlCLUT2d0SfwCbB8FQ4izN061GoQQMl3fkq+NT
ga0AoJnwGG8PfBs5PaziRB6m0NQBuZwc
=68dm
-----END PGP SIGNATURE-----