Re: [DNSOP] I-D Action: draft-ietf-dnsop-domain-verification-techniques-03.txt

2024-02-20 Thread Shumon Huque
Thanks for this helpful input! (In theory DNSSEC could prevent falsified responses about scope, but I realize that it's not widely deployed :( Let's also think about the more general (non-ACME) application use case too. Maybe multiple possible ways to indicate scope are needed. Shumon. On Tue,

Re: [DNSOP] I-D Action: draft-ietf-dnsop-domain-verification-techniques-03.txt

2024-02-20 Thread Amir Omidi
There are some benefits in ACME for it being on the label (At least in the ACME use case): It being on the label provides external confirmation that the ACME server did the correct thing. If it's part of the response, it's a lot easier for an ACME server to falsely claim the scope was something ot

Re: [DNSOP] I-D Action: draft-ietf-dnsop-domain-verification-techniques-03.txt

2024-02-19 Thread Shumon Huque
On Mon, Feb 19, 2024 at 6:55 PM Paul Wouters wrote: > On Sat, 17 Feb 2024, Shumon Huque wrote: > > I'm sure other folks will chime in with their views. But I want to ping > Paul Wouters specifically - since you are one of > > the expert reviewers for this registry and an author of > domain-verifi

Re: [DNSOP] I-D Action: draft-ietf-dnsop-domain-verification-techniques-03.txt

2024-02-19 Thread Paul Wouters
On Sat, 17 Feb 2024, Shumon Huque wrote: Should the IANA registry be involved for the `wildcard`, `host`, and `domain` scope values that are mentioned in the draft? Are you referring to the 'Underscore and Globally Scoped DNS Node Names registry' located here?   https://www.ia

Re: [DNSOP] I-D Action: draft-ietf-dnsop-domain-verification-techniques-03.txt

2024-02-17 Thread Shumon Huque
On Wed, Feb 7, 2024 at 1:32 PM Amir Omidi wrote: > Should the IANA registry be involved for the `wildcard`, `host`, and > `domain` scope values that are mentioned in the draft? > Amir, Are you referring to the 'Underscore and Globally Scoped DNS Node Names registry' located here? https://www.

Re: [DNSOP] I-D Action: draft-ietf-dnsop-domain-verification-techniques-03.txt

2024-02-07 Thread Amir Omidi
Should the IANA registry be involved for the `wildcard`, `host`, and `domain` scope values that are mentioned in the draft? -- Amir Omidi (he/them) ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] I-D Action: draft-ietf-dnsop-domain-verification-techniques-03.txt

2023-10-17 Thread Shivan Kaul Sahib
Hi folks, summary of changes in latest version: 1. We added Erik Nygren as a co-author. Thanks Erik! 2. Added text on use of domain validation records by Intermediaries (such as CDNs). 3. Added text on multi-account and multi-intermediary cases. 4. Added text for domain boundaries a

[DNSOP] I-D Action: draft-ietf-dnsop-domain-verification-techniques-03.txt

2023-10-17 Thread internet-drafts
Internet-Draft draft-ietf-dnsop-domain-verification-techniques-03.txt is now available. It is a work item of the Domain Name System Operations (DNSOP) WG of the IETF. Title: Domain Control Validation using DNS Authors: Shivan Sahib Shumon Huque Paul Wouters