[dns-operations] Implementation of negative trust anchors?
Jason_Livingood at cable.comcast.com
Wed Sep 4 13:15:43 UTC 2013
On 8/23/13 12:52 PM, "Daniel Kalchev" <daniel at digsys.bg> wrote:
>Most ISP's DNS "operations" are just as clueless/careless as those
>breaking their DNS setups. NTAs are not solutions for these, because
>they won't bother with it either.
It's fun to poke at operators I guess, and that's certainly one reason why
more operators don't come to the IETF. ;-)
IMHO the experiences and knowledge that operators - which implement IETF
protocols and standards - bring as much value as the people writing the
original standards themselves. A standard is useless if no one implements
it / if it is not deployed at scale.
But getting back to ISP DNS operators being clueless/careless, of course
in this case the 'clueless/careless' parties are the ones who can't get
their authoritative practices right - not the ISP DNS operators (or other
recursive DNS operators).
>The obvious question is, do we want to codify this in BCP or even worse
Neither. An informational document has been proposed.
More information about the dns-operations