On 1 Nov 2017, at 6:48, Edward Lewis wrote:
The reason why I'm digging into this is that "things change."
As a recap: this thread started with Moritz quoting from RFC 4035 and asking:
Did we miss something, or is there indeed clarification needed?
I believe that RFC 4035 indicates success in any chain means that the validator should mark it as Secure.
Mike StJohns pointed out that RFC 6840 gave different guidance. That guidance suggests a default scheme and says that it should be up to validator configuration.
RFC 6840, which as the the latest standards-track text on the topic, was published in 2013. If things have changed since 2013, an update to RFC 6840 should be started.
--Paul Hoffman _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
