On Sunday, 14 July 2019 23:09:00 UTC Rob Sayre wrote: > Paul Vixie wrote: > > ... > > Was DNS intentionally designed to be insecure?
no. nor ip itself, or ncp which preceded it, or tcp, or udp, or icmp, or smtp, ot http. it was insecure because it evolved in a safe, germ free academic bubble. absolutely none of it was designed with billions of people in mind, or the full cross section of humanity which would include criminals and national intelligence services. the world of the internet in 2019 would have been seen as a total freak show by the community who deployed dns in the 1980's. nothing that can be abused won't be. you may or may not believe this; it's considered controversial, and there are arguments being had about it today. but noone considered that now-controversial near-truism at all when the core internet protocols were first designed and implemented. the idea of abuse was considered novel in the 1990's when commercialization and privatization brought abuse into the internet world and burst the academic bubble. a lot of old timers blamed AOL and MSN and even Usenet for the problems, but in actuality, it's what humans _always_ do at scale. putting the full spectrum of human culture atop a technology platform designed for academic and professional culture should have been understood to be a recipe for disaster. -- Paul _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
