At 21:54 +0200 12/5/06, Pekka Savola wrote:
>On Mon, 4 Dec 2006, bert hubert wrote:
>> That is one other problem of DNSSEC - it is absorbing most of the 'brain
>> cycles' of DNSEXT members. Non-DNSSEC drafts struggle to get enough
>> attention, even those which would have an immediate positive influence on
>> DNS security.

>Agree. There are a lot of (IMHO, more) pressing problems with DNS, such as
>writing an understandable basic specification (think of 'DNS implementation
>requirements') so that 98% of vendors don't get it wrong (or miss important
>features, e.g., the cache poisoning validation) in one way or the other.

This is one of the many good ideas that has floated to the surface
time and again over the years. Every time this is thought about, we
get caught in what is "right." E.g., look at what happened when we
tried to clarify just AXFR. Clarifying wildcards took 4 years. I'd
rather waste my time designing DNS II than clarifying RFC 1034,
