Florian Obser wrote on 2023-03-01 22:42:
I might not be caffeinated enough yet, but I think the next domain name
in section 5 should be \000.ent1.example.net:
ent1.example.net. 3600 IN NSEC \000.ent1.example.net. RRSIG NSEC ENT
In section 6, calling getaddrinfo() return values e
I might not be caffeinated enough yet, but I think the next domain name
in section 5 should be \000.ent1.example.net:
ent1.example.net. 3600 IN NSEC \000.ent1.example.net. RRSIG NSEC ENT
In section 6, calling getaddrinfo() return values exit codes is a bit
odd, maybe this will do?
gih> for what its worth I would like to chime in and support George's
gih> view. The technique is NOT a lie per se.
I'll "me too" this with George and Geoff.
Figuring out a more efficient way to do what is ultimately wanted
(crypographically provable denial of existence) that works better than
th
Hi George,
On Wed, Mar 1, 2023 at 17:40, George Michaelson wrote:
> My opposition is philosophical and practical.
>
> the philosophical part, is that this is a SIGNED ASSERTION by the zone
> authority. I don't think anything the zone authority says under a
> signature should be called a lie, bec
for what its worth I would like to chime in and support George’s
view. The technique is NOT a lie per se. It's a stretch (well
its the opposite of “stretch” - its a “compression”) of the
intended contents of the denial of existence response, but it is not
a lie as I see it. I would be far more co
My opposition is philosophical and practical.
the philosophical part, is that this is a SIGNED ASSERTION by the zone
authority. I don't think anything the zone authority says under a
signature should be called a lie, because the basis of verification is
that its exactly what was intended to be sai
Dear WG,
This is a Call for Agenda Items for the IETF 116 in Yokohama, Japan.
Please email the chairs with your requests. *Or*
drop us a pull request
https://github.com/ietf-wg-dnsop/wg-materials/tree/main/dnsop-ietf116
look for dnsop-ietf116-agenda-requests.md.
Please Note: Draft Submissi
Hi folks,
We've posted a new draft describing the former "Black Lies" mechanism
for authenticated denial, now renamed as "Compact Lies".
https://datatracker.ietf.org/doc/draft-huque-dnsop-compact-lies/
We are hoping to discuss it here and at IETF116, and see if there is
interest in adopting
On Tue, Feb 21, 2023 at 5:50 AM Ralf Weber wrote:
>
> These “rare” cases where the domain is not resolvable when a glue is not
> present are the ones this draft is done for. So did you look how rare
> they were in your dataset? Being able to resolve instead of not resolving
> IMHO has value even
