Slashdot Mirror

← Back to Stories (view on slashdot.org)

DNSSEC: Good Enough?

Posted by timothy on from the those-darn-numbers dept.

Phil Windley writes "DNS Security Extension, or DNSSEC, is a set of extensions to DNS, which provide end-to-end authenticity and integrity. Paul Mockapetris, the inventor of DNS believes DNSSEC is the answer to many of the identity problems on the Internet. He wants the IETF to get off the dime and approve the DNSSEC spec. A recent article in ZDNet TechUpdate interviews Mockapertis on DNSSEC (summary)."

15 of 188 comments (clear)

  1. New Protocol Name by liam193 · · Score: 5, Funny

    This sounds like a great idea. Let's present a new protocol. I suggest we name it Slashdot Mail Transfer Protocol. We could use the shortened form SMTP. hmmm well... on second thought maybe the name needs more work.

  2. well... ok... by Ninja+Master+Gara · · Score: 5, Funny
    As long as SMTP continues to the be the friendly protocol.

    HELO imamailserver.com
    250 Hello imamailserver.com [127.0.0.1] nice to meet you!

    --

    ---
    When I grow up, I want to be a kid again.
  3. I'm sorry but... by Anonymous Coward · · Score: 0, Funny

    The proper acronym for "DNS Security Extension" should be "DNSSEX"

  4. DNSSEC: Good Enough? by Anonymous Coward · · Score: 5, Funny

    Nothing is ever good enough for /. readers, well except for Ogg Vorbis.

    1. Re:DNSSEC: Good Enough? by Gherald · · Score: 2, Funny

      > Nothing is ever good enough for /. readers, well except for Ogg Vorbis

      No, even most /. readers will acknowledge that the name sucks, so its not *entirely* perfect.

      --
      The unofficial /. digest
  5. You young whippersnappers! by Anonymous Coward · · Score: 4, Funny

    'Course it's good enough. Why, back in my day we didn't even have DNS; you had to send the domain to the next server via smoke signals, and that didn't always work so we often sent the packet data tied to the legs of birds. Of course, the going got real rough sometimes, usually around dove season...

    1. Re:You young whippersnappers! by quick_dry_3 · · Score: 2, Funny

      "Why, back in my day we didn't even have DNS; you had to send the domain to the next server via smoke signals..."

      modded informative? so thats how they really did it huh.

      you'd be pissed when the dove finally made it back with host not found.

    2. Re:You young whippersnappers! by beacher · · Score: 4, Funny

      Oh.... I've always wanted to meet someone that's had a successful CPIP implementation that's rfc 1149 compliant..... Maybe we should all get duck calls and have a duck naming service to make sure the pigeons know which duck to follow. Next thing you know the DNS will do round robin going duck duck goose until you're crazy as a loon.

      Dammit.. too many bird jokes.. I know I'm running afowl of the etiquette.. Hell with it, I'm not chicken.
      -B

  6. Last message by Anonymous Coward · · Score: 1, Funny

    I know you're out there. I can feel you now. I know that you're afraid. You're afraid of us. You're afraid of change. I don't know the future. I didn't come here to tell you how this is going to end. I came here to tell you how it's going to begin. I'm going to make this post and then I'm going to show these people what you don't want them to see. I'm going to show them a world without you, a world without special character filters or repetitious character limits - a world where any form of trolling is possible. Where we go from there is a choice I leave to you.

  7. Please site the RFCs! by El · · Score: 3, Funny

    I know RFC 1149 governs "packet data tied to the legs of birds", but I can't seem to find the relevant RFC governing IP over smoke signals, only a draft document. Was this protocol ever finalized? Can you provide a link? I'd hate to see people out there implementing non-RFC compliant IP over smoke signals -- that would cause massive interoperability problems!

    --

    "Freedom means freedom for everybody" -- Dick Cheney

    1. Re:Please site the RFCs! by Odin's+Raven · · Score: 4, Funny
      I can't seem to find the relevant RFC governing IP over smoke signals, only a draft document. Was this protocol ever finalized?

      The protocol was nearly finalized, but had to be withdrawn after SCO threatened to sue, claiming that the "smoke signals" protocol infringed on as much as 50% of the IP contained in their "smoke and mirrors" business model.

      --
      A marriage is always made up of two people who are prepared to swear that only the other one snores.
  8. Re:How do you spell his name ? by El · · Score: 2, Funny

    "It's a damn poor mind that can think of only one way to spell a word!" -- Andrew Jackson

    --

    "Freedom means freedom for everybody" -- Dick Cheney

  9. OK here is a /. MS bash from a bash user. by ratfynk · · Score: 2, Funny

    What I think we will see with the Fritz chip .NET will be a DNS that first asks "where do you want to go today" then tells you need to obtain the key!

    --
    OH THE SHAME I fell off the wagon and use sigs again!
  10. Re:dan bernstein's position on this by ZoneGray · · Score: 2, Funny

    >> Is he living on the same earth we do?

    Notwithstanding the overwhelming indications to the contary, yes.

  11. Re:dan bernstein's position on this by Gleef · · Score: 2, Funny

    Anonymous Coward wrote:
    Yes, DNSSEC is unfinished. The IETF has become worse than ISO.

    Nope, IETF won't be worse than the ISO as long as the IETF allows you to read the standard without charging you.

    --

    ----
    Open mind, insert foot.