Hello Brenden,<br><br><div><span class="gmail_quote">On 4/24/07, <b class="gmail_sendername">Brenden Kuerbis</b> <<a href="mailto:bnkuerbi@syr.edu" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
bnkuerbi@syr.edu</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br><br><div><span><div> </div></span>
<div>Dear McTim,</div>
<div> </div>
<div>To be honest, I was suprised to see someone who claims knowledge from allegedly participating in the "right" lists express such an opinion. </div></div></blockquote><div><br><br>Why? You see politics, I see protocol development and implementation. Perhaps this is because you are political scientists?
I don't blame you, when I worked in DC, I subscribed to the 'everything is political" view as well. After a while, I grew to dislike the tint of those particular specs.<br> </div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div><div>One does not have to dig very deep in the relevant IETF Working Group lists (Namedroppers, DNSOPS, and other pre 2001 non-IETF lists) to find evidence that DNSSEC, and particularly control over signing the root, is intensely political and could continue to hold up deployment of the technology.
</div></div></blockquote><div><br>Well it's not just root-signing that is holding up deployment, it's bad design choices along the way that is just as culpable. <br><br>Should we have a signed rootzone? yes. Who should sign it? the rootzone admin of course (
<a href="mailto:NSTLD@VERISIGN-GRS.COM">NSTLD@VERISIGN-GRS.COM</a>).<br><br>I don't particularly care who signs the ZSK. I'm sure you will tell us all who should in due course.<br><br></div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div><div> In fact, one of the central actors in the technical community shaping the DNS (Paul Vixie) just said as much (
<a href="http://thread.gmane.org/gmane.ietf.dnsext/10235/focus=10237" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://thread.gmane.org/gmane.ietf.dnsext/10235/focus=10237</a>). </div></div>
</blockquote><div><br><br>He said the word politics, true. But if you read that mail and the rest of the thread, or have been on the list for a long time (as I was before it got deadly boring), you'd know that who/how root-signing was to be done is outside IETF purview. I don't ever recall it being tackled on that list or DNSOPS (to which I am still subbed).
<br></div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div><div>So please, do this list a favor</div></div></blockquote><div><br><br>Why would it be doing the list a favor to point out that you are trying to make a mountain out of a molehill? <br> </div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div><div>, and stop trying to discredit research on this issue.</div></div></blockquote><div><br>research or opinion? It's a blog man, you've "researched" the history and described the protocol. I am still waiting for the meat.
<br><br>It's a fix to a narrow set of specifc well-known vulnerabilities. The sky is not falling. I'm trying to point this out, not discredit you.<br> </div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div><div> If you want to debate the issue please join it constructively - here, or on our blog <<a href="http://blog.internetgovernance.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://blog.internetgovernance.org</a>>,</div></div></blockquote><div><br><br>I am waiting for you to complete your thoughts before I offer feedback there.<br> </div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div><div> or at the upcoming symposium on Internet governance and security <<a href="http://internetgovernance.org/events.html#Symposium_051707" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://internetgovernance.org/events.html#Symposium_051707
</a>> - rather than make misguided attempts to stiffle it.</div></div></blockquote><div><br>I am not trying to stifle it, only to add a different perspective. Remember, It's only "misguided" in your head, not in mine.
<br><br></div></div>-- <br>Cheers,<br><br>McTim<br>$ whois -h <a href="http://whois.afrinic.net" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">whois.afrinic.net
</a> mctim<br>