> On 4 Sep 2017, at 07:12, Walter H. wrote:
>
> by the way: why are you discussing about DNSSEC for names that are used
> only locally?
Why do you seem to assume there are never, ever any DNS security issues on the
local net?
Why would someone want to deliberately configure things to prevent D
On Mon, September 4, 2017 10:26, Jim Reid wrote:
>
>> On 4 Sep 2017, at 07:12, Walter H. wrote:
>>
>> by the way: why are you discussing about DNSSEC for names that are used
>> only locally?
>
> Why do you seem to assume there are never, ever any DNS security issues on
> the local net?
when there
In message <59f8c88caaf82a5884aa87223d49e7e4.1504505...@squirrel.mail>, "Walter
H." writes:
> On Sun, September 3, 2017 23:38, Mark Andrews wrote:
> >> ]On 4 Sep 2017, at 4:47 am, Walter H.
> >> wrote:
> >>
> >> even if I fully ACK this, but 15 years ago, nobody said, that ".local",
> >> ... wo
In message <3fe7bc511a990b0288b645dc176e1ef3.1504515...@squirrel.mail>, "Walter
H." writes:
> On Mon, September 4, 2017 10:26, Jim Reid wrote:
> >
> >> On 4 Sep 2017, at 07:12, Walter H. wrote:
> >>
> >> by the way: why are you discussing about DNSSEC for names that are used
> >> only locally?
>
> I'd say: "either you trust the local net or not"
I'd say trust but verify. Everywhere. => In this context always doing DNSSEC
validation.
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
> Except you misses the entire point of getting a registered name,
> that is to be able to use it safely without anyone trampling on its
> use.
where there anyone who said: "don't use it", 15 years ago?
> 'home.arpa' is in the process of being registered so that it
> can be used safely in the env
Subject: Re: [DNSOP] DNS names for local networks - not only home residental
networks ... Date: Sun, Sep 03, 2017 at 08:47:30PM +0200 Quoting Walter H.
(walte...@mathemainzel.info):
> On 03.09.2017 06:32, Måns Nilsson wrote:
> > Corporate environments are a somewhat different matter, since you ca
In message , "Walter
H." writes:
> > Except you misses the entire point of getting a registered name,
> > that is to be able to use it safely without anyone trampling on its
> > use.
>
> where there anyone who said: "don't use it", 15 years ago?
Yes. There were lots that discourage the use of
On Mon, September 4, 2017 14:22, Mark Andrews wrote:
>
> In message ,
> "Walter H." writes:
>> where there anyone who said: "don't use it", 15 years ago?
>
> Yes. There were lots that discourage the use of .local, lan,
> .corp etc. Just becaue you didn't hear from them doesn't mean
> they weren't
On 4.9.2017 11:50, Walter H. wrote:
>> Except you misses the entire point of getting a registered name,
>> that is to be able to use it safely without anyone trampling on its
>> use.
>
> where there anyone who said: "don't use it", 15 years ago?
>
>> 'home.arpa' is in the process of being registe
On Fri, Sep 01, 2017 at 10:01:38PM +0200,
Walter H. wrote
a message of 125 lines which said:
> not one registry is willing to give me a domain - even when I pay
> for this - which I only use in a LAN, and the authoritativ DNS
> servers would then just be 127.0.0.1 or ::1
That's clearly not tr
On Mon, Sep 04, 2017 at 08:12:39AM +0200,
Walter H. wrote
a message of 23 lines which said:
> the 1st: uniqueness is not a requirement here
Serious mistake. Companies merge, and are bought. Any netadmin had, at
least once in his professional life, to manage RFC 1918 networks
merging and colli
On Mon, Sep 04, 2017 at 10:54:44AM +0200,
Walter H. wrote
a message of 25 lines which said:
> I'd say: "either you trust the local net or not";
I don't claim to be a security expert, but I think it is a
mistake. Many local networks are vulnerable to packets with an
internal address coming fro
On 04.09.2017 17:01, Stephane Bortzmeyer wrote:
On Mon, Sep 04, 2017 at 10:54:44AM +0200,
Walter H. wrote
a message of 25 lines which said:
I'd say: "either you trust the local net or not";
..., but I think it is a
mistake.
not really, when there is a security problem, DNS is the less o
On 04.09.2017 16:54, Stephane Bortzmeyer wrote:
That's clearly not true. .fr, for instance (but it is not the only
one) allows registration of a domain without name servers (or with
funny name servers such as ::1).
this might be a mistake of mine, as I meant registrar, hoster which I
considere
On Mon, Sep 04, 2017 at 05:21:54PM +0200,
Walter H. wrote
a message of 114 lines which said:
> when operating a local mail server that uses TLS for IMAP, SMTP,
> then a Anti-virus has to break TLS in order to scan before it gets
> to the client
Which is also a very bad idea, giving the curren
Mark Andrews wrote:
In
message,
"Walter H." writes:
where there anyone who said: "don't use it", 15 years ago?
Yes. There were lots that discourage the use of .local, lan, .corp
etc. Just becaue you didn't hear from them doesn't mean they weren't
out there.
alas, bad advice can circle th
> On 4 Sep 2017, at 13:54, Walter H. wrote:
>
> not really, at those days only a few TLDs where possible, the many TLDs came
> some years later ...
It should have been clear after 1997-1998 from the discussions of the IAHC and
the setup of ICANN that there would be a lot more TLDs. It took a
> On 3 Sep 2017, at 22:51, Paul Hoffman wrote:
> On 3 Sep 2017, at 14:38, Mark Andrews wrote:
>>
>>
>> Why would anyone tell you that “.local” would conflict when you were supposed
>> to register a name *before* using it.
>
> Because some vendors gave bad advice in their documentation, particu
In message , "Walter
H." writes:
> On Mon, September 4, 2017 14:22, Mark Andrews wrote:
> >
> > In message ,
> > "Walter H." writes:
> >> where there anyone who said: "don't use it", 15 years ago?
> >
> > Yes. There were lots that discourage the use of .local, lan,
> > .corp etc. Just becaue yo
Tony Finch wrote:
It should have been clear after 1997-1998 from the discussions of the
IAHC and the setup of ICANN that there would be a lot more TLDs. It
took a long time to ramp up but the process started more than 20
years ago.
money changes everything.
--
P Vixie
__
On Mon, 2017-09-04 at 20:29 +0100, Tony Finch wrote:
>
> On 3 Sep 2017, at 22:51, Paul Hoffman wrote:
> > On 3 Sep 2017, at 14:38, Mark Andrews wrote:
> > > Why would anyone tell you that “.local” would conflict when you
> > > were supposed
> > > to register a name *before* using it.
> >
> > Bec
> On Sep 4, 2017, at 3:12 PM, Michael H. Warfield wrote:
>
> I would point out an analogous situation with documentation and
> addresses. The documentation that accompanied Sun Microsystems SunOS
> and Solaris used examples of IP address 1.1.1.1 and 1.2.3.4 and
> similar, now making those block
In message <1504563125.29012.4.ca...@wittsend.com>, "Michael H. Warfield" write
s:
> On Mon, 2017-09-04 at 20:29 +0100, Tony Finch wrote:
> >
> > On 3 Sep 2017, at 22:51, Paul Hoffman wrote:
> > > On 3 Sep 2017, at 14:38, Mark Andrews wrote:
> > > > Why would anyone tell you that â.localâ wou
> On 4 Sep 2017, at 23:42, Mark Andrews wrote:
>>
>>> https://technet.microsoft.com/en-us/library/cc747455(v=ws.10).aspx
>
> The Microsoft page above advocated
> the use literal use of .local which is very different.
Worse than that! It was the default suggested by the software!
I think this
On Mon, September 4, 2017 21:16, Tony Finch wrote:
>
>> On 4 Sep 2017, at 13:54, Walter H. wrote:
>>
>> not really, at those days only a few TLDs where possible, the many TLDs
>> came some years later ...
>
> It should have been clear after 1997-1998 from the discussions of the IAHC
> and the setu
On Mon, September 4, 2017 22:45, Mark Andrews wrote:
>
>> >> > 'home.arpa' is in the process of being registered so that it
>> >> > can be used safely in the environment it is designed to be used in.
>> >>
>> >> yes, but commonly for residental networks, not company/enterprise
>> >> networks,
>> >>
> The keyword above was examples which they clearly were. Most of
> 1.0.0.0/8 is in use today despite those examples. The use of local
> test were also clearly examples. The Microsoft page above advocated
> the use literal use of .local which is very different.
and now in the IPv6 ages the sam
On Tue, September 5, 2017 01:02, Tony Finch wrote:
>
> A better
> alternative would have been to make the default parent domain something
> registered by MS, instead of a fake TLD.
yes and no; I still don't have "my" .home even I pre-registered it
several years ago ...
__
On Mon, September 4, 2017 21:29, Tony Finch wrote:
>
> However, Microsoft did encourage their customers to use .local names for
> Active Directory domains for quite a long time - see for example this link
> to the documentation for Windows Small Business Server 2003. It isn't fair
> to only blame M
In message , "Walter
H." writes:
> On Mon, September 4, 2017 21:16, Tony Finch wrote:
> >
> >> On 4 Sep 2017, at 13:54, Walter H. wrote:
> >>
> >> not really, at those days only a few TLDs where possible, the many TLDs
> >> came some years later ...
> >
> > It should have been clear after 1997-1
On Tue, September 5, 2017 06:34, Mark Andrews wrote:
>
> In message ,
> "Walter
> H." writes:
>> On Mon, September 4, 2017 21:16, Tony Finch wrote:
>> >
>> >> On 4 Sep 2017, at 13:54, Walter H.
>> wrote:
>> >>
>> >> not really, at those days only a few TLDs where possible, the many
>> TLDs
>> >>
32 matches
Mail list logo
