On 11 Dec 2017, at 19:50, Ted Lemon <mel...@fugue.com> wrote: > On Dec 11, 2017, at 11:17 AM, Joe Abley <jab...@hopcount.ca> wrote: >> Note though that the homenet document specifically requests a delegation. > > Please do not read more into the document than was intended. What Mark is > saying looks to me like an accurate representation of what we intended. The > goal is simply for it to be the case that there is not an unsigned delegation > for home.arpa, which means that it has to point _somewhere_. I am a bit > frustrated to hear that this is turning into a substantial amount of effort. > It should be extremely simple. There is no wrong answer for what the > delegation looks like other than "signed."
So it's fine if the delegation is secure (which is I presume what you mean by signed) but lame? The document actually specifies quite clearly that the delegation "MUST NOT include a DS record" which seems to be different from what you are saying. It also specifies that the delegation "MUST point to one or more black hole servers", which is pretty vague language following a MUST. I appreciate that the intention of homenet may well have been clear, but the text in section 7 is definitely not clear. I think actually it would have been reasonable for IANA to send it back as ambiguous before it got to the RFC Editor queue. Joe _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
