[dns-operations] RIPE-52 preso on DNS issues, author comments on Slashdot.
Suzanne_Woolf at isc.org
Thu Apr 27 21:43:25 UTC 2006
On Thu, Apr 27, 2006 at 02:32:16PM -0700, David Ulevitch wrote:
> DHTs are very trendy right now and a natural fit seemed to be taking
> over the DNS with a DHT and crypto-key system. Realistically it
> destroys everything that makes the DNS stable and articulate.
Eric Rescorla's talk on DHTs at the IETF plenary in Dallas included
some observations on why DNS is not, in fact, a very good fit for
DHTs. The slidepack isn't as clear on that part of the discussion as I
recall from the webcast, but the slides are at:
My own principle observation when I read up on CoDoNS was that most of
the benefits they posited could be realized in the canonical DNS, too,
if we signed the data and stopped caring so much about where it came
from. CoDoNS as operated by clueful people using DNSSEC isn't so
clearly superior to "vanilla" DNS as operated by clueful people using
DNSSEC, for all that they make an entertaining case that it might work
better in their particular environment than DNS as actually deployed.
More information about the dns-operations