On Aug 9, 2021, at 1:34 PM, Paul Wouters <p...@nohats.ca> wrote: > I understand some people feel the experiment has no value to them.
As far as I can tell after reviewing the archives, none of the people who supported moving the "powerbind" draft to be a WG item indicated that the draft had any value to them. Now that the draft has matured more, it is clear that there is likely no real value unless a DNS transparency log is widely deployed (see the last paragraph of Section 3.1). > But > should the WG really prevent the experiment? Yes. The proposal is: - complicated (see Section 5, which is still quite under-specified) - only useful if delegation-heavy zones adopt it - only useful if resolver operators implement it to introduce a new resolution failure mode - of no real value to those delegation-heavy zones > It also comes with an > additional risk that there will appear "adhoc solutions" that try > to implement the "delegation only" policy based on hardcoded lists, due > to the lack of parental signaling for this. Such lists would not work well, particularly for zones that have (or might ever have) _labels in names at the apex. But, if there is enough interest in ad hoc solutions in this space, the WG could react to those in the future with this proposal or one that is better. --Paul Hoffman
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
