[dns-operations] good one was Re: DNSSEC impact ...

Anne-Marie Eklund-Löwinder Anne-Marie.Eklund-Lowinder at iis.se
Thu May 29 18:42:30 UTC 2008


 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

.SE have produced a tool which at this time is in beta version. It is
quite a user friendly way of explaining if there's anything wrong
with the delegation of your domain. 

I ask you to be aware of the fact that we haven't released it yet,
and I've been asked from the project manager to ask you not to spread
the url out widely.

If you should find any bugs, strange or odd behaviour or anything
similar that aren't already mentioned in
http://opensource.iis.se/trac/dnscheck/report/1, we would be really
greatful if you will take the time to send an e-mail to
dnscheck at iis.se.

If you have any further questions regarding this tool, you may send
them to the same address.

Go on and try it, http://dnscheck.iis.se

Kind regards,

Anne-Marie Eklund Löwinder
Quality & Security Manager
.SE (The Internet Infrastructure Foundation)
PO Box 7399, SE-103 91 Stockholm, Sweden
Phone: +46 (0)8-452 35 00/17 
Mobile: +46 (0)734 315 310
E-mail: anne-marie.eklund-lowinder at iis.se 
Web: www.iis.se



> -----Ursprungligt meddelande-----
> Från: dns-operations-bounces at lists.oarci.net 
> [mailto:dns-operations-bounces at lists.oarci.net] För Wes Hardaker
> Skickat: den 29 maj 2008 16:09
> Till: Edward Lewis
> Kopia: Mark Andrews; dns-operations at mail.oarc.isc.org
> Ämne: Re: [dns-operations] good one was Re: DNSSEC impact ...
> 
> >>>>> On Wed, 28 May 2008 19:38:41 -0400, Edward Lewis 
> <Ed.Lewis at neustar.biz> said:
> 
> EL> We aren't comparing the knowledge needed to debug DNSSEC with
> the  EL> knowledge needed to build a validator.  We are comparing
> the 
> EL> knowledge needed to debug DNSSEC with the knowledge 
> needed to, um, 
> EL> brush one's teeth.
> 
> More importantly, without user-level messages that indicate 
> the source of the problem the only information a 
> teeth-brusher can offer their poor tech-supporting relative is
> 
>    "my internet doesn't work".
> 
> And invariably the answer to what's wrong will be
> 
>    "it says it can't connect; something about domain name not
> found".  
> 
> At that point the tech support guy has a multitude of 
> potential problems to chase down.  He wouldn't know if it's a 
> network problem, a resolver problem, a application problem, a 
> DNSSEC problem, a ....
> 
> Imagine, though, if you got a report saying "my internet is 
> broken; it says that DNS validation failed for 
> 'www.hax0r.com'".  You have just removed 95% of the things to 
> debug over that 4kHz bandwidth inefficient analog to digital 
> converter we call "the human at the other end of the phone".
> 
> What I've always said we need is user-friendly errors with 
> system-administrator friendly help.  I now present to you the 
> error messages that applications should be displaying for 
> their end-users:
> 
> /-------------------------------------------------------------
> ------------\
> |                                                             
>             |
> | I'm sorry, we've encountered an error.                      
>             |
> |                                                             
>             |
> |     Your error:             The Internet Is Broken.  Sorry 
> about that.  |
> |                                                             
>             |
> |     When your nephew asks:  DNSSEC validation failed for 
> www.hax0r.com  
> | |
> \_____________________________________________________________
> ____________/
> 
> --
> "In the bathtub of history the truth is harder to hold than 
> the soap,  and much more difficult to find."  -- Terry 
> Pratchett _______________________________________________
> dns-operations mailing list
> dns-operations at lists.oarci.net
> http://lists.oarci.net/mailman/listinfo/dns-operations

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBSD75FqXc8AFCsc+UEQJyIgCeLXwJHn2j7wPHZvWKdVh2pwA4QagAn3cu
w6ZwE7Ak1edUxW+uf9BSdZF7
=sAVw
-----END PGP SIGNATURE-----



More information about the dns-operations mailing list