Hi, Ben. We have updated this document per your note below.
The latest files are posted here. Please refresh your browser: https://www.rfc-editor.org/authors/rfc9704.txt https://www.rfc-editor.org/authors/rfc9704.pdf https://www.rfc-editor.org/authors/rfc9704.html https://www.rfc-editor.org/authors/rfc9704.xml https://www.rfc-editor.org/authors/rfc9704-diff.html https://www.rfc-editor.org/authors/rfc9704-rfcdiff.html https://www.rfc-editor.org/authors/rfc9704-auth48diff.html https://www.rfc-editor.org/authors/rfc9704-lastdiff.html https://www.rfc-editor.org/authors/rfc9704-lastrfcdiff.html https://www.rfc-editor.org/authors/rfc9704-xmldiff1.html https://www.rfc-editor.org/authors/rfc9704-xmldiff2.html Please note that my email address has changed from <lbartholo...@amsl.com> to <lbartholo...@staff.rfc-editor.org>. Thank you! RFC Editor/lb > On Jan 6, 2025, at 12:39 PM, Ben Schwartz <bem...@meta.com> wrote: > > > Ben, we have updated this document per your notes below, except for this > > item; please advise: > > >> Section 1: > >> "This specification expects that local DNS servers will be securely > >> identified ..." > >> -> This statement strikes me as more personifying than is necessary. It's > >> also strange because, leaving aside the specification's opinion, I don't > >> expect that most local DNS servers will be securely identified. The prior > >> text said "this specification relies on ...", in an attempt to convey the > >> idea that secure identification is a precondition, not a prediction (as > >> implied by the future tense "will be"). Other possible verbs for this > >> sentence would be "require" or "assume" (or "applies only to networks > >> where the local DNS server is securely identified", etc.). > > > It's not clear to us how, and where, we should make updates. Please > > specify, using "OLD" and "NEW" text. > > draft-14: > This specification relies on securely identified local DNS servers, > and checks each local domain hint against a globally valid parent > zone. > > OLD: > This specification expects that local DNS servers will be securely > identified and that each local domain hint will be checked against a > globally valid parent zone. > > NEW: > In this specification, network operators securely identify the local DNS > servers, and clients check each local domain hint against a globally > valid parent zone. -- auth48archive mailing list -- auth48archive@rfc-editor.org To unsubscribe send an email to auth48archive-le...@rfc-editor.org
