[ not subscribed to dnsop, so this might not post to the list; please cc
me on replies ]
On Wed 2015-05-20 08:06:11 -0400, Tom Ritter wrote:
> On 5/19/15 5:18 PM, Suzanne Woolf wrote:
>> 4. It's been pointed out that the maintenance of the special use names
>> registry is complicated by the fact that people used to be able to
>> assume the root zone was relatively stable, and this assumption has
>> become less defensible. (ICANN is not currently accepting new
>> applications for TLDs, and has no announced schedule for opening an
>> application window again, but has said they plan a future application
>> round.) Is there something that the IETF should be doing to help DNS
>> implementers and operators handle this change in the environment?
>
> Yes - and I've not been following the effort closely, but I believe it's
> being done over in DBOUND in their work to replace the Public Suffix List.
>
> Because (AIUI) DBOUND is intended to specify security-relevant zone cuts
> *in DNS* using it to specify names that are reserved in DNS but not _in_
> DNS might come out a little weird... but it seems like the most relevant
> place to at least take the idea and discuss it.
The above is a little hard to parse, but i think Tom is suggesting that
dbound will not result in a "security-relevant zone cut" mechanism that
is implemented in the DNS itself.
i don't think that constraint is a given for DBOUND work at all (though
i might be confused -- hopefully other dbounders can comment).
I think the most likely way for DBOUND to be implemented is to introduce
some sort of "organizational boundary goes here" DNS record, and the
wrangling is going to be around what that record looks like and what its
semantics will be.
Regards,
--dkg
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
