[dns-operations] Hall of DNS Shame (?)
Matt Larson
matt at kahlerlarson.org
Wed Jan 25 20:35:36 UTC 2017
>> On Jan 24, 2017, at 8:38 PM, Paul Vixie <vixie at tisf.net <mailto:vixie at tisf.net>> wrote:
>>
>> On Tuesday, January 24, 2017 5:11:25 PM PST Jim Reid wrote:
>> > I suggest adding ISC to this hall of shame for implementing and deploying DLV. :-)
>>
>> if you think the root or .com would ever have been signed without the threat of dlv, then can i interest you in this fine bridge, which while you can't take it home with you, can be yours for the low low price of a nickel.
>>
>> no :-) here.
>>
>> --
>> P. Vixie
>
> On Jan 25, 2017, at 6:56 AM, David Conrad <drc at virtualized.org <mailto:drc at virtualized.org>> wrote:
>
> Yes, it would have, at least for the root.
>
> In all the discussions I had with various folks about signing the root within ICANN, there was no mention of DLV that I can recall (and I was somewhat sensitive to the topic).
>
> What caused the root to be signed was the Kaminsky vulnerability.
>
> I obviously can't speak for .COM.
I worked at Verisign for a very long time, including when .com was signed. While I obviously can't speak for them now, either, I suspect that if you were to ask anyone who was there at the time, their answer would be that DLV was not at all a factor in the decision to sign .com.
Matt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20170125/7bd81d9a/attachment.html>
More information about the dns-operations
mailing list