On Sat, 25 Oct 2014, Paul Ebersman wrote:
Have you actually read through the new draft? It specifically prohibits automatic installation of NTAs and says that you should have folks familiar with operating DNS servers making any decisions.
That's my problem with the document. It describes a local policy that a site might have. And documents three software implementations on how to make such a negative trust anchor. Is that what an IETF document should do?
That isn't painless. It means that this skips past all 1st tier and gets to senior engineers. Don't know about you but I hate getting on-call problems caused by someone else that I have no direct way to fix but that my customers beat me for.
I did not get from reading the draft how I suddenly get much better engineering contacts with big players. In fact, the draft tells me the NTA's I create should not be distributed outside my administrative domain. So I'm confused. What is the goal of this document? How does it help us? Paul _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
