[At-Large] RES: DNSSEC and end users
vanda at uol.com.br
Wed Feb 9 19:03:49 UTC 2011
I tend to agree with the idea that come back with a warning is dangerous
since the users really ignore such alerts. To come blank is the best way.
The user will give up after some tentative.
Polo Consultores Associados
Alameda Santos 1470 1407,8
01418-903 São Paulo,SP, Brasil
Tel + 5511 3266.6253
Mob + 55118181.1464
De: at-large-bounces at atlarge-lists.icann.org
[mailto:at-large-bounces at atlarge-lists.icann.org] Em nome de Patrick Vande
Enviada em: quarta-feira, 9 de fevereiro de 2011 05:20
Para: At-Large Worldwide
Assunto: [At-Large] DNSSEC and end users
Good morning to all,
This is your SSAC liaison speaking. I am requesting your thoughts on what
expected impact DNSSEC will have on end users. My goal is to contribute
ideas to the the agenda of the DNSSEC sessions at the San Francisco meeting.
Currently, with DNSSEC enabled
on the DNS resolver you use (typically, the one assigned to you by your
ISP), a domain name failing DNSSEC resolution returns a code to your browser
saying the domain does not exist. You would get a blank page displayed in
your browser saying the domain is unreachable, similar to what you get when
you type an invalid domain name in the browser bar.
Some suggest that browsers should return a warning instead, similar to the
one you get with an invalid SSL certificate. The counter-argument to this is
that most users tend to ignore these warnings anyway and just click OK to go
ahead. Further, some say that ISP support desks will get lots of calls from
customers complaining about "the Internet is not working" if users are
annoyed by pop-up messages, for what appears to be legitimate domain names.
Obviously, I do not claim that the Internet is just the web. But is is right
now the most visible part and the one which requires direct interaction from
I am interested in
your thoughts about this.
Patrick Vande Walle
At-Large mailing list
At-Large at atlarge-lists.icann.org
At-Large Official Site: http://atlarge.icann.org
More information about the At-Large