Date: 20 Nov 2002 20:34:39 -0000
Message-ID: <20021120203439.43796.qmail@cr.yp.to>
Automatic-Legal-Notices: See http://cr.yp.to/mailcopyright.html.
From: "D. J. Bernstein" <djb@cr.yp.to>
To: namedroppers@ops.ietf.org
Subject: Re: Clear path? I'll give you clear path
References: <013701c290c0$cc956aa0$3980830a@typhoon> <85278.1037820450@shell.nominum.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Jim Reid writes:
> An extra port for DNS may well create lots of operational problems,
> like requiring another hole to get punched though everyone's firewall
> and router configurations.

``An extra port for this new-fangled HTTP thing may well create lots of
operational problems, like requiring another hole to get punched through 
everyone's firewall and router configurations. Let's stick to the FTP
port. And, hey, let's remember to force every FTP server on the Internet
to upgrade to deal with HTTP; my company's FTP server supports HTTP, so
I don't see why this is a problem. Now, what did you say the benefit of
separate ports was supposed to be?''

---D. J. Bernstein, Associate Professor, Department of Mathematics,
Statistics, and Computer Science, University of Illinois at Chicago

P.S. I can predict Jim's response, too: ``HTTP is a different protocol
from FTP, whereas DNSSEC is the same protocol as DNS. See, the word
"DNSSEC" starts with "DNS", so they're the same protocol. That's why
they go on the same port. This is how we make engineering decisions.''