[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

hat tip to .gov hostmasters

Subject: hat tip to .gov hostmasters
From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com)
Date: Mon, 22 Sep 2008 15:30:44 +0000
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <6BCAB7B989C2EA4AAD36652C14D4FB4563512B@FHDP1CCMXCV02.us.one.verizon.com> <[email protected]>

On Mon, Sep 22, 2008 at 05:24:00PM +0200, Florian Weimer wrote:
> * marcus sachs:
> 
> > While we wait for applications to become DNSSEC-aware,
> 
> Uhm, applications shouldn't be DNSSEC-aware.  Down that road lies
> madness.  What should an end user do when the browser tells him,
> "Warning: Could not validate DNSSEC signature on www.example.com,
> signature has expired.  Continue to connect?"
> 
> -- 
> Florian Weimer                <fweimer at bfk.de>


	actually, I am really hoping that at least one API
	is standardized so that applications can use DNSSEC 
	data.  We never finished the discussion on fail/open
	fail/closed wrt DNSSEC.

--bill

Follow-Ups:
- hat tip to .gov hostmasters
  - From: Ed.Lewis at neustar.biz (Edward Lewis)

References:
- hat tip to .gov hostmasters
  - From: darkuncle at gmail.com (Scott Francis)
- hat tip to .gov hostmasters
  - From: xenophage0 at gmail.com (Jason Frisvold)
- hat tip to .gov hostmasters
  - From: fweimer at bfk.de (Florian Weimer)
- hat tip to .gov hostmasters
  - From: karnaugh at karnaugh.za.net (Colin Alston)
- hat tip to .gov hostmasters
  - From: fweimer at bfk.de (Florian Weimer)
- hat tip to .gov hostmasters
  - From: marcus.sachs at verizon.com (marcus.sachs at verizon.com)
- hat tip to .gov hostmasters
  - From: fweimer at bfk.de (Florian Weimer)

Prev by Date: hat tip to .gov hostmasters
Next by Date: hat tip to .gov hostmasters
Previous by thread: hat tip to .gov hostmasters
Next by thread: hat tip to .gov hostmasters
Index(es):
- Date
- Thread