Posts categorized “DNSSEC”.

Episode 28

In this (much delayed) episode, Matt and Cricket discuss the folly of trying to hew to a podcast-publishing schedule, and answer (or avoid) questions from Sevan Janiyan and Yiorgos Adamopoulos on what operating systems and software the root name servers run; from Kent Shuey on why a device that implements only part of the DNS specs seems to work okay on his network; and from Todd Larsen (apparently of Danish descent) on where he can go to meet like-minded souls discussing current issues with DNS and DNSSEC (God help him) and whether DANE’s TLSA record can coexist with a CNAME record.

Play

Episode 25

In this episode, Matt and Cricket attempt to answer all nine of Jorge Fábregas’s “couple of questions” in a lightning round.  Then they swap war stories about all the travel they’ve been doing and have yet to do (implicitly offering excuses for the long gap between episodes), and finally – and inevitably – discuss Neal Stephenson’s new book, REAMDE.

Play

Meet Matt and Me Live at FOSE 2011

If you’ve ever wanted to meet the men behind the mics, Matt and I will be speaking on a panel on DNSSEC at this year’s FOSE conference in Washington, D.C., from July 19th to 21st.  (We’re not speaking for three days, but the show runs that long.  We’re only speaking on Tuesday at 3:15.)

The other guys on the panel are no slouches, either:  Nate Meyer from F5 and Alan Clegg from ISC.

The folks who run FOSE have graciously offered to extend a 20% discount to our listeners, too.  For details, click here.

Episode 22

After a respite carefully timed to avoid the Ides of March, Matt and Cricket answer Brian Mazzocco’s question about the meaning of strange, possibly European symbols in zone data files; address John Shin’s question about how validating, recursive name servers handle aliases from signed zones to unsigned zones; and assess Gavin Brown’s suggestion for automatically bootstrapping DS records from a signed child zone into its parent.

Play

Episode 21

In this mercifully digression-free episode – perhaps not coincidentally taped in-person in Cricket’s office in Santa Clara – Matt and Cricket answer Josh Baverstock’s umpteenth question, this one about storing certificates in DNS, as well as Dirck Copeland’s and Bob Harold’s related questions about bad delegations.  Josh, Dirck and Bob will each receive a handsome black Practice Safe DNS tee shirt courtesy the Public Interest Registry.  If we’ve got the right sizes, that is.

Play

Episode 19

In this episode, Matt and Cricket beseech their legion of listeners to submit more questions, then turn Jeremy Laidman’s question about conditionally forwarding a subzone into an exhaustive (and somewhat exhausting) discussion of the history of BIND and conditional forwarding, and how to use conditional forwarding to build robust name resolution architectures.  Then they address Jesus Cea’s question about how to goad his provider of secondary name service into supporting DNSSEC.  In the process, they digress into the influence of “Top Gear” on impressionable youth, somewhat impractical advice on how HP could improve route aggregation through strategic acquisitions, and a comparison of various syndicated advice columnists.

Play

Episode 18

In this podcast, Matt and Cricket answer Leen Besselink’s question about the viability of Dan Kaminsky’s proposed use of a clever DNSCurve concept in DNSSEC, and Matt offers his high opinion of the Dutch people (surely risking retribution by his Swedish countrymen).  Then they turn to Josh Baverstock’s question about why the LOC record failed to catch on, despite its obvious utility to cruise missiles with stub resolvers.  Finally, in yet another of their “Why, back in my day…” sessions, they lament the loss of summer vacations that lasted through Labor Day.

Play

Episode 17

In this episode, Matt and Cricket reveal the first R-rated movies they saw and the circumstances in which they saw them. Oh, and they answer Rob Szarka’s question about the maximum number of NS records a zone can contain and Matt’s unnamed colleague’s question about why we need intrazone NS records at all. Then Matt gives us an insider’s look at the Root Zone’s Key Ceremony.

Play

Episode 16

In this episode, for the first time ever, Matt and Cricket are joined by a dozen DNS dignitaries to answer a question from Alejandro Acosta about when to plug trust anchors into his name servers’ configurations and begin validating, and Bob Lee’s question about which tools to use to check his zone data and his name server’s configuration.  Then they discuss DENIC’s recent Worst Day Ever after they published a truncated zone data file for .DE.  And Mr. DNS is amazed to learn how many dynamic zone hosting services are blocked from China.

Mr. DNS sends special thanks to Dyn Inc. for their support of this Ask Mr. DNS episode.  Dyn provided the venue, the equipment and their famous New England hospitality.  Thanks also to all of the panelists for their good humor and participation.

Play

Episode 15

In this episode, Matt and Cricket reminisce about G jobs and the Good Old Days at pre-Carly HP, and answer Noe Nevarez’s question about apparent timeouts in nslookup and Alan Shackelford’s question about the effect of signing a parent zone on its subzones.  Then Matt plugs DNS-OARC in an act of contrition and proceeds to throw Cisco under the bus for offering an option in CNR that’s less than infrastructure-friendly.  And finally – and somewhat predictably – the conversation veers off into movies featuring people who can’t form long-term memories (though, incredibly, they forget Dory in “Finding Nemo”!) and upcoming business travel.

Play