[dns-operations] Perils of Transitive Trust, followup.
Emin Gun Sirer
egs at cs.cornell.edu
Fri May 5 06:24:59 UTC 2006
I'm really glad to see the discussion in this forum go up a notch or two
on the technical front. And I appreciated getting an apology from Paul
Vixie for his earlier comments. It's good to see the tone shift towards
a technical exchange in good faith.

Bear in mind that research prototypes should not be confused with
deployed systems maintained by thousands of people and rolled into
production settings. So is CoDoNS compliant with BCP-666? Probably not.
Does it commit a gross violation of RFC-4-8-15-16-23-42? Possibly. Do
people on this list maintain nameservers that respond to far more
queries than the CoDoNS prototype? Most certainly.

You may have heard of a "beta test". BIND must have been in beta once.
It had even more security holes then than it does now, and who knows
which RFCs it complied with and which emails from Postel and other old
timers it violated. If you had chucked it out back then, no one on this
list would be employed, and we'd all be mind-numbingly maintaining a
giant /etc/hosts file.

I look forward to the discussion here. Questions that start with the
assumption "suppose we take a fraction of the huge amount of energy we
pour into DNS, and put it into a DHT-based DNS, following a path similar
to the outline sketched in the CoDoNS paper; what fundamental problems
would we face?" are likely to lead to a more fruitful discussion than
"you implemented a cutoff of 30s for dynamically generated DNS records
in CoDoNS, justify yourself." We are under no such obligation to
convince you. DNS is a publicly available database; its problems are
there for all to see. CoDoNS embodies a groundbreaking way of caching in
geographically distributed systems, provides a scheme by which records
could be served securely by a giant cooperative cache regardless of
their origin or physical servers, and outlines a backwards-compatible
rollout path that preserves the investment in the current domain names.
I'll be happy to discuss whether the cutoff for the dynamically
generated records should be 30s or something else at around the time you
are thinking about deploying an experimental CoDoNS node.

We'll be reading the posts here and will be responding to questions all
at once in batches; sorry we lack the time to do a point-by-point reply
to all the messages.

Gun & Rama.