[Unbound-users] unbound 1.4.6 released

Ondřej Surý ondrej at sury.org
Wed Aug 4 13:52:25 UTC 2010


On Wed, Aug 4, 2010 at 13:58, Peter Koch <pk at denic.de> wrote:
>> one was was happy that you implemented it as an option. I suppose I
>> could be equally happy with fiddling around with DNScurve a bit. A
>
> That would indeed be interesting, but DNScurve isn't as complete and
> stable as 0x20 possible could be.  I appreciate resolver implementers
> being conservative about implementing moving targets. Resolvers, if
> widely deployed, cause swarm effects on the infrastructure and some
> caution is due.

I fully agree with Peter here. dnscurve is not a standard and we don't
know whether it will be adopted by IETF, or some other idea will
succeed, or if it will be kept intact once adopted by IETF.

Dnscurve has some problems, but I don't want to go into the detail
since this discussion doesn't really belong here. (And I won't discuss
it here.) But I do object to implementing such a dramatic change in
behaviour of unbound as dnscurve is.

Ondrej
P.S.: Also I would recommend to not spread FUD about DNSSEC in this
mailing list. We don't want to have a flamewar here.
-- 
Ondřej Surý <ondrej at sury.org>




More information about the Unbound-users mailing list