We have a design that scales well. It's called DNSSEC.
ISC has worked on DNSSEC development for well over 10 years.
Once development stopped we looked at methods to speed up
it deployment. It works today. People were deploying it
well before this recent problem started.

The problem is that is will take time to get people to sign
their zones.

DNSSEC security is end to end. Publisher to validator. You
don't need to secure individual links which is what the
random query ports attempt to do. Put the validator on
the same machine as the application and you are only worried
about securing interprocess communication which unless the
attacker is on the machine should be secure.


> I could imagine a few places where DNS is part of life support; I
> believe that would be a bad design but it could be so a few places.

> Ben Croswell wrote:
> > I am not saying burn ISC at the stake by any stretch of the imagination, but
> > I think your comment about people not dying if a nameserver is down is a
> > little understating things. Perhaps in your DNS environment servers
> > crashing and being unable to resolve is not a big deal, but I bet a lot of
> > the folks here who run DNS for large organizations would beg to differ.
> >

> --
> Best regards
> Sten Carlsen
> No improvements come from shouting:

Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org