Date: Mon, 19 Feb 2001 10:43:38 -0800 From: Dan Peterson <danp@danp.net> To: arch@freebsd.org Subject: Re: DJBDNS vs. BIND Message-ID: <20010219104338.B98114@danp.net> In-Reply-To: <Pine.NEB.3.96L.1010219132432.56503Z-100000@fledge.watson.org>; from rwatson@freebsd.org on Mon, Feb 19, 2001 at 01:32:08PM -0500 References: <20010219101234.A98114@danp.net> <Pine.NEB.3.96L.1010219132432.56503Z-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I'm on the list. Please direct replies accordingly. Robert Watson <rwatson@freebsd.org> wrote: > Hmm. Dynamic DNS sounds like it might be in the IETF standards track, > actually. Please take a look at RFC 3007. That doesn't mean it's not a hack. Would RFC 2317 <URL:http://www.ietf.org/rfc/rfc2317.txt>; be around if BIND wasn't? I don't see any RFC's specific to Sendmail's sendmail.cf format (and subsequent "standards track" documents to get around its deficiencies). > Name servers are welcome to implement whatever certification process > they'd like: it doesn't have to include the DNS root, it's welcome to > include peers, etc. Many people are critical of the DNSsec root model, but > you're not forced to use that. If it doesn't start at the roots, what good is it? Sure, you can make sure records within your own zones are "secure," but that's pretty much a given anyway. What about results from recursive queries to the Internet? DNSSEC is meaningless unless it goes from the roots up. -- Dan Peterson <danp@danp.net> http://danp.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010219104338.B98114>