On 13 Aug 2014, at 20:16, Mark Andrews <ma...@isc.org> wrote: > Can we please move on this. > > The reverse address are not yet insecurely delegated as > would be required for RFC 6598 compliance. This is starting > to cause operational problems for ISP's that validate DNS > responses as they can't deploy local IN-ADDR.ARPA zones > until that insecure delegation is done. > > Also should I add a reminder to the IANA Considerations that > the insecure delegation needs to be performed? > > e.g. > > "IANA is reminded that a insecure delegation for these zones > is required for compliance with RFC 6598 to break the DNSSEC > chain of trust."
I'm confused. We're talking about 100.64.0.0/10, I think. The only delegation under IANA's control is 100.in-addr.arpa to nameservers operated by ARIN, which is (and should be, I think) a secure delegation. What are you asking IANA to do? Make a request of ARIN? Something else? More generally, if you are asking the chairs to facilitate the process of adoption of this draft by the dnsop wg, it might be as well to say so clearly (it's not obvious from your message above). Joe _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
