Éric Vyncke has entered the following ballot position for
draft-ietf-dnsop-rfc8109bis-06: Yes

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to 
https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ 
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc8109bis/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------


# Éric Vyncke, INT AD, comments for draft-ietf-dnsop-rfc8109bis-06

Thank you for the work put into this document.

Please find below two non-blocking COMMENT points.

Special thanks to Tim Wicinski for the shepherd's detailed write-up including
the WG consensus but it lacks the justification of the intended status (and
uses the old template).

Other thanks to Dirk Von Hugo and Patrick Mevzek, the Internet and DNS
directorates reviewers (at my request), please consider these reviews:

-
https://datatracker.ietf.org/doc/review-ietf-dnsop-rfc8109bis-06-intdir-telechat-von-hugo-2024-08-19/
(and I have read the Paul's short reply)

-
https://datatracker.ietf.org/doc/review-ietf-dnsop-rfc8109bis-06-dnsdir-telechat-mevzek-2024-08-19/
(it was posted yesterday and contains some valid points that should be replied
to)

I hope that this review helps to improve the document,

Regards,

-éric

# COMMENTS (non-blocking)

## Section 1.1

Nice to remove "man-in-the-middle" but it is replaced by "on-path attacker" and
not by "machine-in-the-middle" ;-)

Should there be a note in this section asking the RFC editor to remove this
section ? or move it in appendix? This is a matter of taste of course.

## Section 3

Like Patrick Mevzek, I also wonder about `The priming query can be sent over
either UDP or TCP`, of course Do53 is currently the only supported way for the
root servers. With the experimental RFC 9539, should it be stated that only
Do53 must be used for priming ? I.e., a stricter text than now, e.g., "MUST be
sent over either UDP or TCP to port 53" ?



_______________________________________________
DNSOP mailing list -- dnsop@ietf.org
To unsubscribe send an email to dnsop-le...@ietf.org

Reply via email to