On 23 March 2017 at 13:50, Ray Bellis <r...@bellis.me.uk> wrote: > > > Hence w.r.t Matt Pounsett's argument that the -redact document go first > and then the assignment of ".homenet" be done later, the Homenet WG has > argued *very* strongly that this is not acceptable because it leaves > HNCP in an indeterminate state. > > On the other hand, as Ralph Droms points out, not going ahead with either leaves .home in an indeterminate state. And, going ahead with both in the absence of an answer on the homenet. insecure delegation (assume a hypothetical third hand) leaves the whole thing undeployable in the presence of any validation between the local nameserver authoritative for .homenet and and-user applications. Validating applicatinos, stubs, localhost resolvers, and forwarders all break HNCP, unless I've completely misunderstood something.
Since we're trying to encourage validation as close to the application as possible, I would think we'd avoid attempting to deploy things that cannot work with application-level validation.
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
