This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/dns-wg@ripe.net/
[dns-wg] NCC reverse delegation criteria
- Previous message (by thread): [dns-wg] NCC reverse delegation criteria
- Next message (by thread): [dns-wg] RIPE NCC's reverse DNS delegation process and stats
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jonas Frey
jf at probe-networks.de
Tue Jun 11 23:05:42 CEST 2019
> Because 20 years ago, we realised that this is a problem and stopped > intermingling recursive and authoritative service. Software like the > djb suite, nsd and unbound was written to assist in this separation. > > Thus, noone has bothered to revisit the docs on the subject. > > Part of the response you have received, thus, is because the > separation > requirement is mostly regarded as completely uncontroversial, like > "do > not allow TELNET without IAC DO ENCRYPT" or "Do not let SNMP > community > Public have write access" and similar obviousities. > > I suggest we wait for the NCC folks to come back with the exact list > of > requirements used today and starting from those the community, since > this > is more controversial than I and others thought, should try to > formulate > a policy that is consistent with the desires and needs of the > community > and the Internet. > > /Måns, down memory lane. Mans, i get your point but it appears that since those 20 years one might have forgotten to just ask that question again (with todays technology in mind). "Its not working that way." "Why?" "It never worked that way, dont try". While telnet was replaced by SSH (and others), SNMP is still there but has made progress (v3, crypto etc). I'd rather compare the auth nameserver+open resolver thing to SNMP than to telnet. I agree with you to wait for the NCC to specify the requirements and see what the community thinks about it. In any way this should be documented somewhere, so that further confusion is avoided. - Jonas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 181 bytes Desc: This is a digitally signed message part URL: </ripe/mail/archives/dns-wg/attachments/20190611/d5e61ee3/attachment.sig>
- Previous message (by thread): [dns-wg] NCC reverse delegation criteria
- Next message (by thread): [dns-wg] RIPE NCC's reverse DNS delegation process and stats
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]