On 3/13/2017 7:58 AM, Paul Wouters wrote:
On Mar 13, 2017, at 15:44, Dave Crocker <d...@dcrocker.net> wrote:
On 3/13/2017 4:11 AM, Paul Wouters wrote:
The draft breaks DNSSEC.
...
I have proposed a method that would not change the RPZ response for a
non-DNSSEC client, but would add data for DNSSEC capable clients to be
That sounds like an excellent bit of technical enhancement to consider...
/after/ documenting /existing/ practice.
I would have agreed if the feature didn't break my DNS.
Actually, that's exactly the kind of reason to have existing practice
documented inside a working group rather than outside.
Besides seeking to make such a document accurately specify the technical
details, there is the need to document the implications. That is
benefits and problems.
This lays some foundation for future work, to fix problems, as well as
add enhancements.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
