[135692] in North American Network Operators' Group
Re: [arin-announce] ARIN Resource Certification Update
daemon@ATHENA.MIT.EDU (Osterweil, Eric)
Thu Jan 27 20:54:05 2011
Date: Thu, 27 Jan 2011 18:51:38 -0700
From: "Osterweil, Eric" <eosterweil@verisign.com>
To: NANOG <nanog@nanog.org>
In-Reply-To: <C967670A.4C7E%eosterweil@verisign.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 1/25/11 7:04 AM, "Roland Dobbins" <rdobbins@arbor.net> wrote:
>
>
> On Jan 25, 2011, at 9:52 PM, Joe Abley wrote:
>
>> If the DNS was as unreliable as those words suggested, nobody would use it.
>
> I see evidence of this unreliability every day, so I must respectfully
> disagree.
>
> ;>
>
>> The reality is that everybody uses it.
>
> The reality is that they don't really have a choice, now, do they?
>
> ;>
I think it's actually correct, and backs up Danny's point: it is very useful
to be able to use a system that is: deployed, understood, operationally
viable, etc. The risk of designing from scratch is best described by the
lead time many other architectural changes have/are facing in being
deployed.
I think the bottom line is that this infrastructure will allow a security
solution to reach deployment _much_ sooner than a green-field design.
Eric
