Posts categorized “DNSSEC”.

Episode 30

In this latest episode of our evidently-now-quarterly podcast, Matt and Cricket answer Donald Rudder’s question about how common the A6 record is and its effect on DNSSEC.  Then they discuss the upcoming change of’s IPv4 address and the implications of that change.  And despite having only one question to answer, they manage to take up the usual 30 minutes!

Episode 29

In this episode, Matt and Cricket finally throw in the towel and give up on promising podcasts on any regular schedule.  But they do manage to clear Mr. DNS’s mailbag, answering questions from Ismael Lezcano about the availability of good programming APIs for working with DNS and why BIND doesn’t have a good mechanism for creating and deleting zones dynamically; and from William Brown  about how to induce major registrars to support DNSSEC.

Episode 28

In this (much delayed) episode, Matt and Cricket discuss the folly of trying to hew to a podcast-publishing schedule, and answer (or avoid) questions from Sevan Janiyan and Yiorgos Adamopoulos on what operating systems and software the root name servers run; from Kent Shuey on why a device that implements only part of the DNS specs seems to work okay on his network; and from Todd Larsen (apparently of Danish descent) on where he can go to meet like-minded souls discussing current issues with DNS and DNSSEC (God help him) and whether DANE’s TLSA record can coexist with a CNAME record.

Episode 25

In this episode, Matt and Cricket attempt to answer all nine of Jorge Fábregas’s “couple of questions” in a lightning round.  Then they swap war stories about all the travel they’ve been doing and have yet to do (implicitly offering excuses for the long gap between episodes), and finally – and inevitably – discuss Neal Stephenson’s new book, REAMDE.

Meet Matt and Me Live at FOSE 2011

If you’ve ever wanted to meet the men behind the mics, Matt and I will be speaking on a panel on DNSSEC at this year’s FOSE conference in Washington, D.C., from July 19th to 21st.  (We’re not speaking for three days, but the show runs that long.  We’re only speaking on Tuesday at 3:15.)

The other guys on the panel are no slouches, either:  Nate Meyer from F5 and Alan Clegg from ISC.

The folks who run FOSE have graciously offered to extend a 20% discount to our listeners, too.  For details, click here.

Episode 22

After a respite carefully timed to avoid the Ides of March, Matt and Cricket answer Brian Mazzocco’s question about the meaning of strange, possibly European symbols in zone data files; address John Shin’s question about how validating, recursive name servers handle aliases from signed zones to unsigned zones; and assess Gavin Brown’s suggestion for automatically bootstrapping DS records from a signed child zone into its parent.

Episode 21

In this mercifully digression-free episode – perhaps not coincidentally taped in-person in Cricket’s office in Santa Clara – Matt and Cricket answer Josh Baverstock’s umpteenth question, this one about storing certificates in DNS, as well as Dirck Copeland’s and Bob Harold’s related questions about bad delegations.  Josh, Dirck and Bob will each receive a handsome black Practice Safe DNS tee shirt courtesy the Public Interest Registry.  If we’ve got the right sizes, that is.

Episode 19

In this episode, Matt and Cricket beseech their legion of listeners to submit more questions, then turn Jeremy Laidman’s question about conditionally forwarding a subzone into an exhaustive (and somewhat exhausting) discussion of the history of BIND and conditional forwarding, and how to use conditional forwarding to build robust name resolution architectures.  Then they address Jesus Cea’s question about how to goad his provider of secondary name service into supporting DNSSEC.  In the process, they digress into the influence of “Top Gear” on impressionable youth, somewhat impractical advice on how HP could improve route aggregation through strategic acquisitions, and a comparison of various syndicated advice columnists.

Episode 18

In this podcast, Matt and Cricket answer Leen Besselink’s question about the viability of Dan Kaminsky’s proposed use of a clever DNSCurve concept in DNSSEC, and Matt offers his high opinion of the Dutch people (surely risking retribution by his Swedish countrymen).  Then they turn to Josh Baverstock’s question about why the LOC record failed to catch on, despite its obvious utility to cruise missiles with stub resolvers.  Finally, in yet another of their “Why, back in my day…” sessions, they lament the loss of summer vacations that lasted through Labor Day.

Episode 17

In this episode, Matt and Cricket reveal the first R-rated movies they saw and the circumstances in which they saw them. Oh, and they answer Rob Szarka’s question about the maximum number of NS records a zone can contain and Matt’s unnamed colleague’s question about why we need intrazone NS records at all. Then Matt gives us an insider’s look at the Root Zone’s Key Ceremony.