To: Dean Anderson <dean@av8.com>
Cc: Brad Knowles <brad.knowles@skynet.be>, Kevin Darcy <kcd@daimlerchrysler.com>, <dnsop@cafax.se>
From: Brad Knowles <brad.knowles@skynet.be>
Date: Sat, 22 Mar 2003 00:14:47 +0100
In-Reply-To: <Pine.LNX.4.44.0303211551260.25586-100000@commander.av8.net>
Sender: owner-dnsop@cafax.se
Subject: Re: [RETRANSMIT] Re: Radical Surgery proposal: stopdoingreverse for IPv6.

At 3:59 PM -0500 2003/03/21, Dean Anderson wrote:

> Non-wackos (Ok, from now on I'll use another word) know that
> Reverse is a convenience only.

Fine. If it's only a convenience, please disable all your
applications which may potentially make any use whatsoever of reverse
DNS, and don't come back to us until you have done so.

This includes traceroute.

> If it didn't exist, only the convenience of
> seeing a name on a traceroute is lost.

Others have already demonstrated what important uses that reverse
DNS is being put to. Instead of being a broken record, why don't you
try to address those issues?

> Essentially, you are exemplary of the reason it should be deprecated:
> People who share your beliefs about reverse put too much trust in it, they
> _depend_ on it in some way, and that is bad enough that we need to get rid
> of it.

I put absolutely no trust in reverse DNS. However, I believe
that people should have the right to expect that reverse DNS will
mostly work, especially in cases where they control both ends of
certain transactions, and where the applications are intelligent
enough to do a full forward-reverse-forward check to ensure that they
aren't being spoofed.

I may disagree with their choice of methods, but until you can
come up with real arguments as to why reverse DNS should be
abolished, I will defend to the death their right to choose to do so.

> It's just like 3-wheeled ATVs (banned in the US)--They handle like
> snowmobiles, and really aren't much more dangerous, but some people put
> too much faith in the concept that if you turn the wheel (without
> leaning), the vehicle should still turn and not roll over. Because of
> that, the many people who can safely operate the 3-wheelers are denied, for
> the safety of those who can't.

I am familiar with 3-wheeled ATVs. A cousin of mine was a "world
of outlaws" sprint car driver/mechanic, Chief Mechanic for Sammy
Swindell (including the brief time he spent trying to break into
NASCAR), and now has his own business building race cars (or parts
thereof). Both he and his brother are frequently involved in
off-road activities. They were (safely) riding 3-wheeled ATVs before
they could legally drive, probably before they were teenagers.

Reverse DNS is not a three-wheeled ATV. It has important
real-world uses, and does not begin to pose the kinds of dangers that
you imply.

If you can stop being a broken record and actually come up with
serious arguments as to why the applications that have already been
mentioned are not valid, and why reverse DNS is such a heinous crime
to commit, you might have a chance of convincing me, and others.

Until then, everything you've said is nothing but a pointless
repetition of the same old vacuous claims, and you're not going to
get very far.

--
Brad Knowles, <brad.knowles@skynet.be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
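
The forward-reverse-forward check mentioned in the message above, sketched as an added example that is not part of the original e-mail or of any application named in the thread. It covers the reverse-then-forward half a server applies to a connecting address: a PTR name counts only if that name's own A/AAAA records contain the address. The function names and the sample zone data are assumptions constructed for illustration.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR names for ip from the system resolver (empty list on failure)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except OSError:
        return []

def system_addrs(name):
    """A/AAAA addresses for name from the system resolver."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def confirmed_names(ip, ptr=system_ptr, addrs=system_addrs):
    """Return the PTR names of ip whose own address records contain ip."""
    want = ipaddress.ip_address(ip)
    confirmed = []
    for name in ptr(ip):
        name = name.rstrip(".").lower()
        for addr in addrs(name):
            try:
                match = ipaddress.ip_address(addr) == want
            except ValueError:  # scoped or malformed address text
                continue
            if match:
                confirmed.append(name)
                break
    return confirmed

# Constructed sample zone data (documentation ranges, not real hosts).
PTR = {
    "192.0.2.10": ["mail.example.net."],
    "198.51.100.7": ["mail.example.net."],  # PTR set by whoever runs this block
    "2001:db8::25": ["mx.example.net."],
}
FWD = {"mail.example.net": ["192.0.2.10"],
       "mx.example.net": ["2001:0db8:0:0:0:0:0:25"]}
demo_ptr = lambda ip: PTR.get(ip, [])
demo_addrs = lambda name: FWD.get(name, [])

if __name__ == "__main__":
    for ip in PTR:
        print(ip, confirmed_names(ip, demo_ptr, demo_addrs) or "UNCONFIRMED")
```

The 198.51.100.7 entry shows why the PTR alone proves nothing: the reverse zone belongs to the address holder, so only the forward zone of the claimed name can confirm it.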