[ Quoting <m...@nthpermutation.com> in "Re: [DNSOP] Working Group Last 
Call...." ]
I'm not convinced of the general utility of this scheme. 
It feels like DNS bloat and more a solution in search of a problem.  
That said, I appreciate  Duane's willingness to make changes to fix
some of the more egregious problems.

I like to echo this sentiment; esp considering this draft is heading towards a 
standards
track.

Also the example given in 1.1 Motivation is a bit weak:

"For example, a name server loading saved zone data upon restart cannot 
guarantee that the
on-disk data has not been modified.  For these reasons, it is preferable to 
secure the
data itself."

That looks like an implementation detail for nameservers loading the zone, not 
something
the IETF should fix.

/Miek

--
Miek Gieben

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to