Drivel from Peter Dambier (was Re: Bind -vs- Microsoft DNS)

Jim Reid jim at rfc1035.com
Fri Oct 13 10:22:06 UTC 2006 

On Oct 13, 2006, at 10:32, Peter Dambier wrote:

> Brent Clark wrote:
>> May I ask what you mean by "DNS is under development".
> E.G. EDNS
>
> RFC2671 Extension Mechanisms for DNS (EDNS0)
>
> There used to be an issue with the implementation of EDNS

This RFC came out in 1999 so ENDS0 is hardly something that's "under  
development". It's implemented and supported in almost every DNS  
platform.

> DNSEC is currently implemented at RIPE and it still gives headaches.

RIPE is a twice-yearly network meeting. It doesn't implement  
anything. RIPE NCC has *deployed* DNSSEC on some parts of the name  
space that they are responsible for. This is largely on the reverse  
tree for the NCC's service region.

> ENUM builds on EDNS0 and still is a draft. So it is still ongoing.

This is nonsense. ENUM has no impact whatsoever on DNS protocol  
features other than possibly new service descriptors in NAPTR  
records. ENUM is not built on EDNS0. Though it works better if EDNS0  
is used by default. Oh and that document is not "still a draft". It  
has completed WG Last Call and is essentially done. It's just waiting  
for the IESG to approve the document before becoming an RFC.

> is it A6 or is it AAAA or is it something totally different?

That argument was settled years ago. It's AAAA.

> There is discussion on NANOG, DNSOP and BOTNETS about abolishing
> open resolvers. In the long run that will mean you can no longer
> rely on your ISPs resolvers you have to run your own.

This is just wrong too. An ISP that restricts recursive DNS service  
to their customers by definition does not have an open resolver. Any  
customer of such an ISP will not have to run their own resolver. They  
can just query the ISP's resolvers, just as they do already. The  
ISP's resolvers just won't handle queries from outside the ISP's  
network.

> And there others. The IETF is very busy.

Not really: certainly not if you equate work-rate to output. DNSSEC  
for instance has been worked on for over 10 years. There are a bunch  
of DNS protocol things that should be getting worked on at the IETF  
but aren't.

More information about the bind-users mailing list