[dns-operations] Question to DNSSEC and DLV policy
Michael Monnerie
michael.monnerie at is.it-management.at
Mon Mar 23 07:26:14 UTC 2009
On Montag 23 März 2009 Paul Vixie wrote:
> there is precious little benefit to being the first to speak a wide
> area protocol. that was true of IPv6
Here in Austria, still it *is* true. I don't know any ISP who would give
you IPv6 addresses. I'd like to test it, but can't. I know there are
IPv6-to-IPv4 services, but I'd like to be native. Well, I believe if you
have real services you'd still need both IPv4 and IPv6 on that server.
> if you deploy DNSSEC and DLV today you will become immune to several
> kinds of known wire-level poisoning for others who've deployed DNSSEC
> and DLV.
>
> but more importantly you will form an installed base that will
> attract others who need more motivation than you needed.
Yes, like I said it's cool. And I'd like to implement and test it. Just
need to wait until named is patched with openSUSE.
mfg zmi
--
// Michael Monnerie, Ing.BSc ----- http://it-management.at
// Tel: 0660 / 415 65 31 .network.your.ideas.
// PGP Key: "curl -s http://zmi.at/zmi.asc | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38 500E CE14 91F7 1C12 09B4
// Keyserver: wwwkeys.eu.pgp.net Key-ID: 1C1209B4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20090323/55964936/attachment.sig>
More information about the dns-operations
mailing list