On 12-Feb-2007, at 05:03, Joao Damas wrote:
Aren't you forgetting the users in all this thread?
No, I don't think so.
Shouldn't users be able to get the DNS data clean from the actual authoritative servers or caching servers getting the information from there? rather than a who-knows-what-is-in-there zone served by a server which I can't verify?
In my opinion, yes.
If DNSSEC were deployed now at the root, problems would be less, but right now, I would rather be able to get info from the list of authoritative servers. Yes, I know about man in the middle, still, I would rather that not be my ISP.
Seems we are in agreement on this point. Joe _______________________________________________ DNSOP mailing list [email protected] https://www1.ietf.org/mailman/listinfo/dnsop
