liruochen \(A\) <li.ruochen=40huawei....@dmarc.ietf.org> wrote:
> Dear ACME chairs,
> We would like to request for a 5-10 min time slot at IETF122 to introduce
our new draft.
> Title: Secure DNS RR Update for ACME DNS Based Challenges
> URL: https://datatracker.ietf.org/doc/draft-li-acme-dns-update/
> length: 5-10 min
> Presenter: Li Ruochen
I'm struggling to understand what this document standardizes other than
saying, "Use RFC3007"
Perhaps if it's making some operational statement, then it's some kind of
BCP. It seems that it's just adding a layer of indirection via the OAM.
It would be different storey if what was proposed was a new YANG module to
configure the TSIG/SIG(0) update key. SIG(0) is way better to use, although
it's been harder for people to configure.
I'd want to go even further and define a cloud-init method to configure these
keys. That's not an IETF responsability, but worth describing.
--
Michael Richardson <mcr+i...@sandelman.ca> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ Acme mailing list -- acme@ietf.org To unsubscribe send an email to acme-le...@ietf.org
