Re: [dns-wg] Solicitation for Statements of Interest regarding Root KSK Rollover

On Tue, Dec 16, 2014 at 01:17:11PM -0800, David Conrad wrote a message of 141 lines which said: > Similarly to the IETF, W3C, other SDOs, etc., presumably those folks > would either be supported by their organizations or they believe > sufficiently strongly in the efforts to fund themselves. [

Re: [dns-wg] Yeti DNS and the RIPE NCC

On Wed, May 25, 2016 at 12:32:06PM +0200, Amreesh Phokeer wrote a message of 110 lines which said: > Just want to know, how far or how close YETI is as compared to the Open > Root [1] project No comparison possible. 1) Yeti is an actual service, running. You can use it now if you want, you c

Re: [dns-wg] DNS Privacy

On Thu, May 26, 2016 at 07:58:11AM +0200, Sara Dickinson wrote a message of 58 lines which said: > there still are a couple of features that are missing from Unbound > for it to be fully performant/production ready. Out-of-order replies, for instance.

Re: [dns-wg] DNS Privacy

On Wed, May 25, 2016 at 11:11:08AM +0200, Sara Dickinson wrote a message of 32 lines which said: > A number of organisations have expressed interest in running such a > DNS Privacy enabled server and we would like to start a discussion > in the RIPE community to see if there is similar interes

Re: [dns-wg] New on RIPE Labs: Securing Network Infrastructure for DNS Servers

On Tue, Jun 28, 2016 at 12:41:51PM +0200, Ralf Weber wrote a message of 32 lines which said: > IMHO this is full of bad ideas and against protocol specs. While I > agree that at these day and age one must defend against attacks on > DNS systems, just blindly dropping on packet size or fragment

Re: [dns-wg] New on RIPE Labs: Securing Network Infrastructure for DNS Servers

On Tue, Jun 28, 2016 at 10:46:17AM -0300, Carlos M. Martinez wrote a message of 31 lines which said: > I’m sure there are plenty of people that will disagree with me, but, > IMO, you should never put stateful devices in front of a DNS > server. I fully agree but, precisely, this article use s

Re: [dns-wg] Reverse problem Delegation

On Fri, Mar 17, 2017 at 12:14:46PM +0100, Thierry Bagnoud wrote a message of 9 lines which said: > do you have problem with reverse delegations (subnet 153.109.0.0/16) or it's > a problem for ARIN ? Apparently ARIN. See this thread on the NANOG mailing list https://mailman.nanog.org/pipermai

Re: [dns-wg] [mat-wg] NSID option on the RIPE Atlas SOA measurements of the root servers

On Thu, Jul 20, 2017 at 02:20:39PM +0200, Chris Amin wrote a message of 90 lines which said: > it would be useful to have SOA queries from all probes with the NSID > EDNS option set, in order to be able to match up responses with the > particular responding instances It is also useful to dete

Re: [dns-wg] PowerDNS vulnerabilities

On Tue, Nov 28, 2017 at 12:26:25PM +, Jim Reid wrote a message of 15 lines which said: > However using these sorts of lists to get an even wider distribution > wouldn’t hurt. YMMV. Note that there was an article in the Internet tabloid: http://www.theregister.co.uk/2017/11/28/powerdns_dn

Re: [dns-wg] SLD .gov.* within european countries

On Sun, Jun 10, 2018 at 11:39:33AM +0200, Antonio Prado via dns-wg wrote a message of 42 lines which said: > does the SLD .gov.* within european countries' ccTLDs identify only > central government bodies and not local government or other public > administrations as well? I guess most answers

Re: [dns-wg] the day of reckoning is near

On Wed, Oct 10, 2018 at 03:39:27PM +0100, Jim Reid wrote a message of 3 lines which said: > So, who’s stocked up on canned food and ammunition in case it all > goes horribly wrong at 16:00 UTC tomorrow? :-) I'm fairly confident that ICANN would never have allowed the rollover if there was a r

Re: [dns-wg] DANE goes mainstream?

On Wed, Apr 08, 2020 at 02:42:56PM +0200, Ulrich Wisser via dns-wg wrote a message of 65 lines which said: > I wasn't aware of Gmail supporting DANE. Could you point me to some more > detailed info on that? They don't even have DNSSEC (a prerequisite for DANE) on gmail.com or google.com.

Re: [dns-wg] European Resolver Policy

On Wed, Apr 28, 2021 at 01:49:35PM +, Brett Carr wrote a message of 179 lines which said: > Those of you who were on the WG Call last week will of seen Andrew > Campling from 419 Consulting give a presentation on the newly > developed European Resolver policy. Note that despite its name,

[dns-wg] Sony Wins Pirate Site Blocking Order Against DNS-Resolver Quad9

I think it is the first time there is a court ruling specifically against a public DNS resolver? https://torrentfreak.com/sony-wins-pirate-site-blocking-order-against-dns-resolver-quad9-210621/ Note the reasoning (if some german-speaking person can confirm this is a fair summary?): > One of the

Re: [dns-wg] DNS4EU?

On Mon, Nov 08, 2021 at 07:12:38AM +0200, Hank Nussbacher wrote a message of 34 lines which said: >Does anyone have further insight into the European initiative >known as DNS4EU? There is very little actual information published on this project. According to some rumors, it would be

Re: [dns-wg] DNS4EU?

On Wed, Nov 10, 2021 at 04:08:20PM +0100, Carsten Schiefner wrote a message of 7 lines which said: > Are we sure that 'it' (definition...) will stop at "malware and > pishing"? We can be reasonably sure it will not. If it is actually used, we can expect IP (not Internet Protocol) lawyers aski

Re: [dns-wg] DNS4EU?

On Wed, Nov 10, 2021 at 05:05:53PM +0200, Taras Heichenko wrote a message of 60 lines which said: > I am not sure that I understand how a resolver can follow > GDPR. WHOIS, RDAP – ok, these services really may disclose some > sensitive information. How does a resolver can break GDPR? You shou

Re: [dns-wg] DNS4EU?

On Wed, Nov 10, 2021 at 03:58:40PM +0100, Ulrich Wisser via dns-wg wrote a message of 40 lines which said: > DNS4EU is intended to provide DNS filtering of malware and pishing. Most malware and phishing pages that are reported to us, as a registry, are not in "bad" domains but under a legitim

Re: [dns-wg] DNS4EU?

On Wed, Nov 10, 2021 at 04:24:16PM +0100, Stephane Bortzmeyer wrote a message of 13 lines which said: > The data is not sensitive (the DNS is public), not the fact that you > request it. Correct sentence: the data is not sensitive (the DNS is public), but the fact that you request

Re: [dns-wg] DNS4EU?

On Thu, Nov 11, 2021 at 08:01:46AM +0200, Taras Heichenko wrote a message of 27 lines which said: > BTW, did I get right that DNS4EU does not offer protection from this > issue. It just propose to give this info into another hands? May be but, at this stage, it is too early to tell (remember,

Re: [dns-wg] DNS4EU?

On Wed, Nov 10, 2021 at 08:51:41PM +0100, Erwin Hoffmann wrote a message of 38 lines which said: > Well, I do not expect to convince people to step into this solution > immediately, but for restricted networks (let's say including IoT > devices) it might be a useful alternative. This is a diff

Re: [dns-wg] DNS4EU?

On Mon, Nov 15, 2021 at 11:53:20AM +, Michele Neylon - Blacknight via dns-wg wrote a message of 119 lines which said: > I’d *love* to know how they expect to force anyone to use a specific > DNS resolver. Political pressure on Mozilla so that they use by default the DoH resolver of DNS4EU

Re: [dns-wg] DNS4EU?

On Thu, Dec 16, 2021 at 08:59:42AM +0100, Moritz Müller via dns-wg wrote a message of 179 lines which said: > I was wondering: Why does the EC believe that the resolvers users > currently rely on (e.g. provided by their ISP) provide > “low-quality”? Are there any studies about this? One possi

Re: [dns-wg] DNS4EU?

On Fri, Dec 17, 2021 at 01:43:12AM +, Geoff Huston wrote a message of 67 lines which said: > The problem for everyone else is the incursion of a US private > entity into the heart of the Internet’s name resolution > infrastructure. > > Over the past 16 months the number of EU users who p

Re: [dns-wg] DNS4EU?

On Thu, Dec 16, 2021 at 09:03:24AM -0800, David Conrad wrote a message of 84 lines which said: > Since they’re talking about a “federated” service, I suspect ISPs > who want to play by the EC’s rules will be considered a part of > DNS4EU. Interesting. I thought that "federated" meant either a

Re: [dns-wg] DNS4EU?

On Wed, Jan 12, 2022 at 06:01:38PM +0100, Ana Sen wrote a message of 84 lines which said: > This aspect is also reflected in the call document, which foresees > an assessment of suppliers to strictly exclude non-EU entities, > i.e. non-EU entities are not eligible for this call. Yes, I notice

Re: [dns-wg] DNS4EU community comment draft proposal

On Fri, Feb 04, 2022 at 10:54:31AM +0100, Joao Luis Silva Damas wrote a message of 232 lines which said: > RIPE Community believes that the responsibility of well-functioning > Internet access including the DNS resolution is with the access > providers. We believe it should stay that way. I f

Re: [dns-wg] IU and publc resolvers

On Fri, Feb 04, 2022 at 12:02:40PM +0100, Jaap Akkerhuis wrote a message of 13 lines which said: > Talking about the EU and public resolevsr, ENISA also just published > a report about this subject: >