From: Andrew Newton (andy) <a...@hxr.us> Sent: Friday, May 10, 2024 9:37 AM To: Hollenbeck, Scott <shollenb...@verisign.com>; gavin.br...@icann.org Cc: regext@ietf.org Subject: [EXTERNAL] Re: [regext] Re: [Ext] Re: I-D Action: draft-ietf-regext-epp-delete-bcp-02.txt
Caution: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. On 5/9/24 15:33, Hollenbeck, Scott wrote: [SAH] The context is given in the Section title and the included back references. They're proposed best practices. The back-referenced text that describes each practice notes that they haven't been observed in operation. We could add something like "The practices in this section are described as "best practices" because they address the operational risk and have been observed in operation" to 6.1 and "The practices in this section are described as "proposed best practices" because they address the operational risk and haven't been observed in operation" to 6.2. Would that help? Thanks for this clarification. But now for the big question: while the practice described in 5.1.9. "Renaming to a Host Object Maintained by the Client" is a current practice, is it really a "best" current practice? As the text suggests, it is the breakdown of this practice that leads to Risky-Bizness domain hijacks. [SAH] 5.1.9 is focused on use of a sacrificial name server, not the type that can be hijacked. Maybe that section should be renamed to “Renaming to a Sacrificial Name Server Host Object Maintained by the Client”. Scott
_______________________________________________ regext mailing list -- regext@ietf.org To unsubscribe send an email to regext-le...@ietf.org
