Hi everyone,

I did a small writeup of the "DNS Camel" presentation from this Tuesday in
London. 

It can be found here: 
https://blog.powerdns.com/2018/03/22/the-dns-camel-or-the-rise-in-dns-complexit/
(includes link to video, 
https://www.youtube.com/watch?v=8N_PO3s_Z24&feature=youtu.be&t=1h20m4s )

One of the funniest things I learned today was that we've apparently been
producing two new pages of DNS RFC *every week* steadily for the past 20
years.  Link has a graph.

>From the abstract:

"In past years, DNS has been enhanced with DNSSEC, QName Minimization, EDNS
Client Subnet and in-band key provisioning through magic record types.  It
is now also seeing work on 'DNS Stateful Operations', XPF, ANAME (ALIAS),
resolver/client encryption, resolver/authoritative encryption & KSK
signalling/rollovers.
Each of these features interacts with all the others. Every addition

therefore causes a further combinatorial explosion in complexity.

Up to now, the increase in DNS complexity (mostly driven by DNSSEC) has been
made possible by the huge pool of programming talent, mostly in the open
source world.

This presentation sets out, with examples, how innoccuous features
contribute to the combinatorial rise of complexity, and how we might ponder
thinking twice before loading up this camel further."

        Bert

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to