On 4/23/25 16:15, Philip Homburg wrote:
The ICANN Board acted based on recommendations from the ICANN SSAC in SSAC113: https://itp.cdn.icann.org/en/files/security-and-stability-advisory-committee- ssac-reports/sac-113-en.pdf There are plenty of SSAC members on this mailing list; they can explain why the report (and thus the recommendations to the board) do not include a recommendation for insecure delegation.
Not all of them were in the SSAC at the time. ;-)
For this working group, I think it is safe to assume that ICANN will not create an insecure delegation for internal. So in my opinion this draft should not be adopted. The best solution is no IETF document at all. That leaves the IETF out of this issue.
I agree. Be it upon advice of SSAC or not, if we find ourselves in a situation that this WG has no good way of dealing with, I think it's OK to not deal with it. Note that I'm not blaming anyone. My view is that likely an oversight happened somewhere; that's normal and OK. But this WG does not need to produce something on top of it. That said, I think it would still be a good idea to invoke the liaison and ask about ICANN's view on this (potential?) mistake, and how their definition of "delegation" (to NS? to registry?) plays into this. What's the process for such an interaction? (Feel free to take off-list.) Best, Peter -- https://desec.io/ _______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
