[dns-operations] OpenDNS adopts DNSCurve

Jacco Tunnissen jacco at glasvezel.net
Wed Feb 24 01:33:03 UTC 2010


On Tue, Feb 23, 2010 at 03:47:38PM -0800, Matthew Dempsky wrote:

>On Tue, Feb 23, 2010 at 3:40 PM, Jacco Tunnissen <jacco at glasvezel.net> wrote:

>>Just publish the protocol specification, I think? Then the questions will
>>follow on the IETF list. We have had this discussion before.
>
>Sure, dnscurve.org already documents the whole protocol, and I went ahead
>and reformatted it in Internet-Draft format[1] at the request of DNSEXT
>folk, but it garnered minimal feedback.

That's really tragic. But I guess the minimal feedback to your individual
submission has something to do with the way DNScurve is positioned by Daniel
and you from the start :) Even in your most recent OpenDNS article about
DNScurve, it's all (at least 50%) ranting about how bad DNSSEC is. This
shouldn't be your main motivator, come on.

DNSSEC was developed by the same people from DNSEXT. They know it took long.
And yes they know it cost a lot of money. But creating two camps like you're
doing now isn't extremely helpful. Some DNSEXT people on the IETF list have
even mentioned that DNScurve is a good proposal, but not to replace DNSSEC.

To conclude, any idea when DJB will start testing DNSSEC patches to his DNS
software?

Jacco



More information about the dns-operations mailing list