Dough Barton changed the topic, so I hope this isn't too far off the new topic.
On Wed, 11 Mar 2015, Doug Barton wrote: > [...] to prevent zone walking. We were routinely told that it was stupid > to care about the contents of your zones, since that was all data that > is published on the public Internet anyway. I don't think anyone is claiming that common operational practices (*cough* DNS over TCP) are always "the best way forward". Let me tell you how I "own" your statement in my own mind: The DNS gurus told us all of our stuff is already on the internetz and that we're stupid to care about it. Gee maybe they're right. Well I'm still not going to make it easy. ***Guess I don't need to worry about monitoring this stuff, so I'll take that off my quarterly operational objectives.*** Fast forward to the current day (*cough* hot server rooms) and we can see that a disservice has been done, although it is unclear whether it is self-inflicted or not. Because the guru has spoken, we're not doing any monitoring and so nobody is the wiser (if you're serving assets to some large company's mobile app's customers while they remain blissfully unaware for TWO YEARS clearly this is true!). I'm not attending IETF events, so I don't know what is occurring, but this is one of the problems with gurus: not only do they irritatingly tell you what to do, but we tend to believe them until they make fools of themselves. Gurus also tend to think they're doing everything they can; we can even assume the correct words were mumbled on occasion, but we can see where we are and what stuck with the recipients. (Maybe the lesson should have been BECAUSE your dirty laundry is all over the internet, you really ought to monitor it.) If we really want to "step up" a rung or two on the operations and security ladder, communication needs to improve. -- Fred Morris _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
