On Tue, 22 May 2007, David Ulevitch wrote:
<snip>
These questions, and more (but I'm biased to DNS), can be solved at the edge for those who want them. It's decentralized there. It's done the right way there. It's also doable in a safe and fail-open kind of way.
This is what I'm talking about.
Agreed.
After all, nobody's security being affected by the edge of some end-user machine on the other side of the world is irrelevant to my edge security. FUSSP.
DNS abuse is mostly not an edge issue.
I disagree. DNS is the enabler for many many issues which are edge issues. (Botnets, spam, etc)
There you did it, you said the B word. Now all the off-topic screamers will flame. :) Botnets, spam, etc. are symptoms, and DNS is abused to help them along. DNS abuse, i.e. abuse of DNS, is a DNS issue. David, we agree - just talking of similar issues which are.. different. Gadi.