[ Quoting <m...@nthpermutation.com> in "Re: [DNSOP] Working Group Last Call...." ]
I'm not convinced of the general utility of this scheme. It feels like DNS bloat and more a solution in search of a problem. That said, I appreciate Duane's willingness to make changes to fix some of the more egregious problems.
I like to echo this sentiment; esp considering this draft is heading towards a standards track. Also the example given in 1.1 Motivation is a bit weak: "For example, a name server loading saved zone data upon restart cannot guarantee that the on-disk data has not been modified. For these reasons, it is preferable to secure the data itself." That looks like an implementation detail for nameservers loading the zone, not something the IETF should fix. /Miek -- Miek Gieben _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop