On Mar 23, 2017, at 12:27 AM, John Levine <jo...@taugh.com> wrote: > - waits many, many years while ICANN does what ICANN does about anything new > > At this point I see the only plausible options as choose .homenet and > require all validating resolvers to special-case it, or choose > .homenet.arpa and put whatever DNSSEC magic we need into .arpa.
The working group is aware of the "wait many years" part of this approach, and is willing to try and see. If the working group sees no progress over the course of the next few years, we may shift to the latter approach. At present, the former approach isn't necessary because hosts don't validate. It could be argued that we are not treating this potential emergency seriously enough; one solution would indeed be to require that resolvers special-case .homenet, but if we are to do that, it would be good to have a complete specification for how that is done, and that would be in a follow-on document.
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
