Ben, At 10:30 PM 7/29/97 -0400, Ben Black wrote:
so a statement from paul that the internet is effectively broken until DNSSEC is acceptable to you even if there are known ways to combat known attacks?
stop worshipping long enough to think about the ramifications of this.
Reponsible participation in public discussion is a difficult challenge for even the most capable contributor. For others, the challenge is quite basic. They must listen carefully. They must consider carefully. They must stay on the topic. They must use professional language and avoid ad hominem distractions. The fact that the security on your house is not optimal, it does not mean that your house has no security. The fact that there are attacks which are still feasible on the DNS does not mean that the DNS doesn't work. ("Broken" means doesn't work, in case there is confusion about your use of language.) So please note that your response to this thread reduce it to an inaccurate assessment. Given the importance of the DNS and the difficulty which the general public has dealing with network security issues, it would be highly irresponsible to propagate inaccurate statements like the one above. d/ -------------------- Dave Crocker Internet Mail Consortium +1 408 246 8253 675 Spruce Dr. fax: +1 408 249 6205 Sunnyvale, CA 94086 USA info@imc.org , http://www.imc.org