To:
dnssec@cafax.se
From:
Michael Richardson <mcr@sandelman.ottawa.on.ca>
Date:
Thu, 13 May 2004 08:31:05 -0400
In-Reply-To:
Message from Miek Gieben <miekg@atoom.net> of "Thu, 13 May 2004 11:30:01 +0200." <20040513093001.GB1847@atoom.net>
Sender:
owner-dnssec@cafax.se
Subject:
Re: dnssec: resolver - application communication
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Miek" == Miek Gieben <miekg@atoom.net> writes:
>> We play a lot with DNSSEC here and it appears that it is quite
>> easy to have non working configurations. So here, SERVFAILs
>> aren't so unusual.
Miek> ok, but the word you use is 'play', when I was running the
Miek> SECREG experiment never had a problem with the .nl zone. Also
Miek> the delegations were also (mostly) correct. I think there is a
Miek> difference between playing with DNSSEC and deploying DNSSEC.
Uh,
a) you were *above*, David is below, and has no insight.
b) prior to deploying, one has to play.
If DNSSEC is tractable then it won't get used.
- --
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr@xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBQKNqiIqHRg3pndX9AQEaPgQA0EjbRoMjWHpV4DXNTUfu9e8PtWqeMBJp
Hy/n2Y65I9h460a9QUGQ/q1nxCgzNlN27H7ctpmj5FYLdTc/UJKIXzNB3V04XztY
YeMlSrpkzyRLo9UAZR/xrH13QHMFdNBdSpywItQGh+DPojAiLqwB6z+Gdwo23270
lhA0PPmYkd8=
=SiiQ
-----END PGP SIGNATURE-----