On Tue, Oct 22, 2024 at 2:59 PM Ben Schwartz <bemasc= 40meta....@dmarc.ietf.org> wrote:
> I think this draft should offer more background on the problem space, > describing the situations where these DCV patterns are appropriate or > inappropriate. In particular, I would like to see text clearly > distinguishing two patterns: > > 1. "Domain Control Validation" -> Prove that the owner of this account > controls this DNS name (by placing a random token in an ephemeral TXT > record). > 2. "Domain Account Authorization" -> Prove that the owner of the DNS name > authorizes this account (by placing the account name in a persistent TXT > record). > This draft is about the former - verifying that some entity has control over a domain. There are misc examples about how specific applications authorize something based on the result of the domain control validation action, but the main topic of the draft is mechanisms for performing DCV. Perhaps we should make that clearer. Shumon.
_______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
