[dns-operations] No public calendar for the root signing deployment

Paul Vixie vixie at isc.org
Thu Dec 10 14:56:24 UTC 2009


> Date: Thu, 10 Dec 2009 08:38:03 -0500
> From: Joseph S D Yao <jsdy at tux.org>
> 
> Or perhaps I am assuming that it is the UDP-block-size-defaults-to-512-
> bytes issue, and it is really some other issue of which you are thinking.

fwiw i didn't find peter's tone to be angry.  but i very much think that
firewall and middlebox vendors ought to be warning their customers that
old code which limits udp/53 to 512 is about to be extremely painful for
the customers, for the customers' customers, and for the world at large;
free software updates should be sent (by cisco, juniper, everybody else
who ever has a udp/53 size limit) removing this behaviour, and so on.

i don't think that notifications coming from the internet operations
community are going to do much good.  most udp/53 size limits are in boxes
whose owners do not understand these issues and would not recognize a
warning on this topic unless it came from their hardware/services vendor.



More information about the dns-operations mailing list