Wes,

At 2016-08-01 15:00:52 -0700
Wes Hardaker <wjh...@hardakers.net> wrote:

> The following draft, authored by Warren and I, might be of interest to
> the dnsop crowd:
>
> https://tools.ietf.org/html/draft-hardaker-rfc5011-security-considerations-00
>
> [it currently does not have a home]

Reading this document it basically seems like the hold-down timer is actually a potential for mischief, rather than a good thing.

There is no mitigation recommended, right? I can't think of a fix that doesn't involve protocol changes.

My own feeling is that the hold-down timer is tricky operationally, and adds no actual value. I'd support using your draft as the basis of a proposal to deprecate the hold-down timer completely.

Cheers,

--
Shane
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop