Date: 11 Jan 2000 00:24:30 -0000
Message-ID: <20000111002430.10153.qmail@cr.yp.to>
From: "D. J. Bernstein" <djb@cr.yp.to>
To: Olafur Gudmundsson <ogud@tislabs.com>
Cc: randy@psg.com, djb@cr.yp.to
Subject: Re: namedroppers mismanagement
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii

I'm distributing a new DNS implementation. Interoperability with the
existing DNS infrastructure is essential.

I mentioned to another DNS implementor that I was using random query IDs.
He said that he had encountered disastrous interoperability problems
with random IDs some time ago: some servers crashed, apparently when IDs
were repeated too quickly.

If his analysis was correct, and if the interoperability problem still
exists, then I NEED TO KNOW RIGHT NOW. Delays are inexcusable. Your
suggestion of ``security related censorship'' is both naive and morally
bankrupt. You should be ashamed of yourself. 

Similarly, if BIND has workarounds for the bug that produced the screwy
wildcards shown in the message that Bush discarded, or if there's some
interoperability reason that BIND violates the RFC 1034 rule on RD+RA
responses, then I NEED TO KNOW RIGHT NOW.

In each case, if there really is an interoperability problem, DNSEXT
should be working on an immediate DNS spec update that documents the
problem. These protocol issues are clearly within the DNSEXT charter,
and are far more important for new implementors than, say, IXFR.

> any suggestions
> that help the working group function better are greatly appreciated.

How about you start by obeying RFC 2418, section 3.2?

Point out my http://cr.yp.to/dnscache/namedroppers.html web page to the
namedroppers subscribers. I'd do this myself if Bush weren't censoring
my complaints to the list.

See if the working group, not to mention the IESG, approves of what Bush
has done. I bet most subscribers think that namedroppers is moderated
``just to keep the spam out''---to quote Paul Vixie---and will be
surprised to learn what's actually been happening.

---Dan