On Thu, 23 Mar 2017, Suzanne Woolf wrote:
1. The protocol is sufficiently functional for deployment without working capability for DNSSEC validation.
No, what was said was there wasn't very much dnssec validating stubs out there to cause visible problems at this moment.
2. Having a single-label name is more important for the functioning of the protocol than having DNSSEC validation work.
The phrase "more important" is pretty meaningless. And as was indicated, it is all based on the levels of DNSSEC deployment on stubs, which could change dramatically if one phone vender would suddently enable validation or default to DNS-over-TLS to 8.8.8.8. I would also want to add that dnsop (including myself!) pretty much failed the homenet WG. We were asked to review docs before RFC-7788 got published in April 2016. Then we raised the alarm about .home and I remember .homenet being a very early alternative, maybe even suggested by dnsops. And now a year later dnsops is back to telling homenet they cannot use this string either. I don't think they deserve another one or two years waiting time to talk about homenet.arpa or homenet.ietf. I would again like to suggest that Special Use Names is moved to be discussed outside dnsops. Paul _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
