I want this draft to move forward, but upon review I noted with concern the
security section text:
DNS error reporting is done without any authentication between the
reporting resolver and the authoritative server of the agent domain.
Authentication significantly increases the burden on
Roy Arends writes:
> That, IMHO is already captured by the last paragraph. I did not
> explicitly write a recipe of how to do that, and which servers could
> be used for that :-). Could you suggest text to improve the last
> paragraph without naming services?
Erg. I hate it when I have to come
Hi,
I have just drafted a secure transport and a security considerations
section, that I believe provide sufficient guidance to a DRO. I expect to
further review these sections and publish a new version very soon. As
always, comments are welcome.
https://github.com/mglt/draft-mglt-dnsop-dnssec-v
[ids2023-da-nang-3125x1771-5sep22-en.png]
Dear colleagues,
ICANN’s Office of the Chief Technology Officer is pleased to announce that the
sixth ICANN DNS Symposium (IDS 2023) will be held on 5 September 2023 in Da
Nang, Vietnam. IDS 2023 will be co-located with “A Day of DNS Abuse
Discussions
After a quick read of Generalized DNS Notifications, -01, I have some comments:
It would be ludicrous of me to argue against the notion that event driven
approaches are superior to polling approaches. However, event driven
approaches require more design work which is why it is natural for polli
Hi Libor, all,
On 6/22/23 11:42, libor.peltan wrote:
here are my comments to draft-thomassen-dnsop-cds-consistency-03.
Thank you very much!
"In all cases, consistency is REQUIRED across received responses only. Nameservers
that appear to be unavailable SHOULD be disregarded as if they were
On 6/21/23, 4:46 PM, "DNSOP on behalf of Robert Edmonds"
wrote:
>"In-bailiwick" vs. "out-of-bailiwick"
I think the topic is no longer important. But I'll explain why I brought up
"bailiwick" in this context.
Bailiwick, according to a (non-technical/natural language dictionary, such as
Merri
A New Internet-Draft is available from the on-line Internet-Drafts
directories. This Internet-Draft is a work item of the Domain Name System
Operations (DNSOP) WG of the IETF.
Title : Consistency for CDS/CDNSKEY and CSYNC is Mandatory
Author : Peter Thomassen
Filename
Hi,
here are my comments to draft-thomassen-dnsop-cds-consistency-03.
"In all cases, consistency is REQUIRED across received responses only.
Nameservers that appear to be unavailable SHOULD be disregarded as if
they were not part of the NS record set."
I don't feel confident about the consequ
On 6/21/23 17:04, Peter Thomassen wrote:
The existing documents lack any words on where specifically to query for
CDS/CDNSKEY, and also what to do in case of inconsistencies.
Section 3.1 says:
[...]
Does that clarify the issue?
To avoid leaving this "hanging open": After an off-list cha
10 matches
Mail list logo
