On Fri, Feb 08, 2019 at 02:58:38PM +0100, Alexander Mayrhofer <alex.mayrhofer.i...@gmail.com> wrote a message of 59 lines which said:
> Feedback highly appreciated, I think that it is an important work because it brings the power of the DNS to many other identifier systems. So, I support it. May be more examples could help people figure out the use cases? "My Bitcoin address is at foobar.example" and then the Bitcoin software would query _did.foobar.example and get <did:bitcoin:1NZc7FJ7eHJgRMRSrmncJJM9bPnusJeuR6>. I note that there exists already non-standard (and probably not really deployed) solutions in that space, some specific to a TLD <https://www.nominet.uk/domain-names-unlock-new-potential-on-blockchain/> <http://domainincite.com/23273-my-brain-explodes-trying-to-understand-mmxs-new-blockchain-deal-for-luxe> Regarding draft -01: it seems OK to me. The only problem I find: > particularly the concerns around downgrade attacks when the record > is not signed Why downgrade attacks specifically? Without DNSSEC, a lot of attacks are possible. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
