<br><br><div class="gmail_quote">On Fri, Apr 23, 2010 at 12:15 AM, Hugh Dierker <span dir="ltr"><<a href="mailto:hdierker2204@yahoo.com">hdierker2204@yahoo.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr><td style="font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; font-size: inherit; line-height: inherit; font-size-adjust: inherit; font-stretch: inherit;" valign="top">
<div>Fair trade is necessary trade. Unnecessary tradeoffs are lame. </div></td></tr></tbody></table></blockquote><div><br>I agree. It is a tradeoff and not fair trade.<br> </div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr><td style="font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; font-size: inherit; line-height: inherit; font-size-adjust: inherit; font-stretch: inherit;" valign="top">
<div>These problems are not necessary -- except that they are within the given framework of lack of motivation to do better. It comes down to this, if we set our standards outside of competitive models there is no incentive to do better. ICANN, the Dnssec and this SAIC are working within government sanctioned slobbery, both intellectual and economic slobbery. I used to think it was snobbery, now I know it is a laziness born of shovel leaning bureaucrats. You may be kind and call it "make work" but would you call intentional fraud "make work"? Buggy whips and Railroad fireman is what this is.</div>
</td></tr></tbody></table></blockquote><div><br>Again I agree. DNSSEC is a snow job by committee. SAIC is a joke. "I" root server in Beijing is still down. Where is SAIC on that.<br> </div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr><td style="font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; font-size: inherit; line-height: inherit; font-size-adjust: inherit; font-stretch: inherit;" valign="top">
<div> </div>
<div>The plan I am putting together for the inculsives will generate some new fire under the pants of these obstructionists and they will find that a better mousetrap can be built.</div></td></tr></tbody></table></blockquote>
<div><br>Thank you - I and my TLD holders thank you.<br><br>regards<br>joe baptista<br><br> <br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr><td style="font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; font-size: inherit; line-height: inherit; font-size-adjust: inherit; font-stretch: inherit;" valign="top">
<div> </div>
<div><br><br>--- On <b>Thu, 4/22/10, Joe Baptista <i><<a href="mailto:baptista@publicroot.org" target="_blank">baptista@publicroot.org</a>></i></b> wrote:<br></div>
<blockquote style="border-left: 2px solid rgb(16, 16, 255); padding-left: 5px; margin-left: 5px;"><br>From: Joe Baptista <<a href="mailto:baptista@publicroot.org" target="_blank">baptista@publicroot.org</a>><br>Subject: [ga] Re: Resolving .gov w/dnssec<br>
To: <a href="mailto:cet1@cam.ac.uk" target="_blank">cet1@cam.ac.uk</a>, "<a href="mailto:ga@gnso.icann.org" target="_blank">ga@gnso.icann.org</a> >> GA" <<a href="mailto:ga@gnso.icann.org" target="_blank">ga@gnso.icann.org</a>><br>
Cc: "Paul Wouters" <<a href="mailto:paul@xelerance.com" target="_blank">paul@xelerance.com</a>>, "Bind Users Mailing List" <<a href="mailto:bind-users@lists.isc.org" target="_blank">bind-users@lists.isc.org</a>>, "Timothe Litt" <<a href="mailto:litt@acm.org" target="_blank">litt@acm.org</a>><br>
Date: Thursday, April 22, 2010, 8:07 AM<br><br>
<div>Looks like the future of the DNSSEC make work project includes resolution failures here and there. More security - less stability - guaranteed slavery. I wounder if it's a fair trade.<br><br>we'll see ..<br>
regards<br>joe baptista<br><br>
<div class="gmail_quote">On Thu, Apr 22, 2010 at 10:52 AM, Chris Thompson <span dir="ltr"><<a href="http://us.mc529.mail.yahoo.com/mc/compose?to=cet1@cam.ac.uk" rel="nofollow" target="_blank">cet1@cam.ac.uk</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>On Apr 22 2010, Paul Wouters wrote:<br><br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">On Thu, 22 Apr 2010, Timothe Litt wrote:<br><br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">I'm having trouble resolving <a href="http://uspto.gov/" rel="nofollow" target="_blank">uspto.gov</a> with bind 9.6.1-P3 and 9.6-ESV<br>
configured as valdidating resolvers.<br><br>Using dig, I get a connection timeout error after a long (~10 sec) delay.<br>+cdflag provides an immediate response.<br></blockquote><br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Is anyone else seeing this? Ideas on how to troubleshoot?<br></blockquote><br>I have the same problems with our validating unbound instance. <br>
</blockquote><br></div>I suspect that this has to do with<br><br> dig +dnssec +norec dnskey <a href="http://uspto.gov/" rel="nofollow" target="_blank">uspto.gov</a> @<a href="http://dns1.uspto.gov/" rel="nofollow" target="_blank">dns1.uspto.gov</a>.<br>
dig +dnssec +norec dnskey <a href="http://uspto.gov/" rel="nofollow" target="_blank">uspto.gov</a> @<a href="http://sns2.uspto.gov/" rel="nofollow" target="_blank">sns2.uspto.gov</a>.<br><br>failing with timeouts, while dig +dnssec +norec +vc dnskey <a href="http://uspto.gov/" rel="nofollow" target="_blank">uspto.gov</a> @<a href="http://dns1.uspto.gov/" rel="nofollow" target="_blank">dns1.uspto.gov</a>.<br>
dig +dnssec +norec +vc dnskey
<a href="http://uspto.gov/" rel="nofollow" target="_blank">uspto.gov</a> @<a href="http://dns2.uspto.gov/" rel="nofollow" target="_blank">dns2.uspto.gov</a>.<br><br>work fine ... with a 1736-byte answer. Probably the fragmented<br>
UDP response is getting lost somewhere near the authoritative<br>servers themselves.<br><font color="#888888"><br>-- <br>Chris Thompson<br>Email: <a href="http://us.mc529.mail.yahoo.com/mc/compose?to=cet1@cam.ac.uk" rel="nofollow" target="_blank">cet1@cam.ac.uk</a></font>
<div>
<div></div>
<div><br><br>_______________________________________________<br>bind-users mailing list<br><a href="http://us.mc529.mail.yahoo.com/mc/compose?to=bind-users@lists.isc.org" rel="nofollow" target="_blank">bind-users@lists.isc.org</a><br>
<a href="https://lists.isc.org/mailman/listinfo/bind-users" rel="nofollow" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a><br></div></div></blockquote></div><br><br></div></blockquote></td></tr></tbody></table>
<br>
</blockquote></div><br><br clear="all"><br>-- <br>Joe Baptista<br><br><a href="http://www.publicroot.org">www.publicroot.org</a><br>PublicRoot Consortium<br>----------------------------------------------------------------<br>
The future of the Internet is Open, Transparent, Inclusive, Representative & Accountable to the Internet community @large.<br>----------------------------------------------------------------<br> Office: +1 (360) 526-6077 (extension 052)<br>
Fax: +1 (509) 479-0084<br><br>Personal: <a href="http://baptista.cynikal.net/">http://baptista.cynikal.net/</a><br>