Re: [DNSOP] Privacy and DNSSEC

> Il 25/04/2020 08:23 Vladimír Čunát ha > scritto: > > Still, note that for some consumers the secure transport may be an > argument to drop validating DNSSEC themselves. If they choose some DNS > provider that they trust with privacy (it might be their ISP), it seems not a > huge l

Re: [DNSOP] New draft on delegation revalidation

On 25 Apr 2020, at 00:30, Shumon Huque wrote: > On Fri, Apr 24, 2020 at 6:21 PM Gavin McCullagh > wrote: > > PS How truly intractible is the registry argument? It seems something like > "When an NS change is made, TTL=3600 for the first N hours, then 2 days > the

Re: [DNSOP] Call for Adoption: draft-fujiwara-dnsop-avoid-fragmentation

All The call for adoption has ended and we've seen consensus to adopt this draft and for DNSOP to being working on it. We thank you for this. tim On Wed, Apr 15, 2020 at 5:18 AM Ralf Weber wrote: > Moin! > > On 14 Apr 2020, at 17:47, Tim Wicinski wrote: > > > This starts a Call for Adoption

[DNSOP] Call for Adoption: draft-pusateri-dnsop-update-timeout

All, As we stated in the meeting and in our chairs actions, we're going to run regular call for adoptions over next few months. We are looking for *explicit* support for adoption. This starts a Call for Adoption for draft-pusateri-dnsop-update-timeout The draft is available here: draft-pusateri

[DNSOP] The DNSOP WG has placed draft-pusateri-dnsop-update-timeout in state "Call For Adoption By WG Issued"

The DNSOP WG has placed draft-pusateri-dnsop-update-timeout in state Call For Adoption By WG Issued (entered by Tim Wicinski) The document is available at https://datatracker.ietf.org/doc/draft-pusateri-dnsop-update-timeout/ ___ DNSOP mailing list DN

Re: [DNSOP] Call for Adoption: draft-pwouters-powerbind

Petr Špaček writes: > I support adoption under condition that the envisioned "DNSSEC > Transparency" mechanism is documented and somewhat tested before > "powerbind" draft progresses into form of RFC. So that statement makes the point that there is no point in the document except for DNSSEC Tran

Re: [DNSOP] Call for Adoption: draft-pusateri-dnsop-update-timeout

> On 28 Apr 2020, at 04:28, Tim Wicinski wrote: > > > All, > > As we stated in the meeting and in our chairs actions, we're going to run > regular call for adoptions over next few months. > We are looking for *explicit* support for adoption. > > > This starts a Call for Adoption for draft

Re: [DNSOP] Call for Adoption: draft-pwouters-powerbind

Joe Abley writes: > This draft needs a more compelling problem statement, and a clear > description of why other controls (e.g. reputational, contractual) are > insufficient. [It's also possible that the draft just needs a clearer > problem statement, rather than a more compelling one.] Hi Joe,

Re: [DNSOP] Call for Adoption: draft-pusateri-dnsop-update-timeout

On Mon, Apr 27, 2020 at 11:29 AM Tim Wicinski wrote: > > All, > > As we stated in the meeting and in our chairs actions, we're going to run > regular call for adoptions over next few months. > We are looking for *explicit* support for adoption. > > I support adoption of this as a WG item. I am wi

Re: [DNSOP] New draft on delegation revalidation

On Fri, Apr 24, 2020 at 6:21 PM Gavin McCullagh wrote: > ... > PS How truly intractible is the registry argument? It seems something > like "When an NS change is made, TTL=3600 for the first N hours, then 2 > days thereafter." would be a major step forward without drastically > increasing complex

Re: [DNSOP] Call for Adoption: draft-pwouters-powerbind

On Apr 27, 2020, at 18:28, Wes Hardaker wrote: > Thanks for the comments. I'm working on a more clear rewrite of the > introduction. I'd love your feedback on it once I get it wrapped up. Yes, for sure! Happy to do that. Joe ___ DNSOP mailing list

Re: [DNSOP] New draft on delegation revalidation

On Mon, Apr 27, 2020 at 8:09 AM Joe Abley wrote: > On 25 Apr 2020, at 00:30, Shumon Huque wrote: > > On Fri, Apr 24, 2020 at 6:21 PM Gavin McCullagh > wrote > > That's one way to approach it. What I was thinking was, if the >> registries want to dictate the TTL, that seems understandable. Bu

Re: [DNSOP] Call for Adoption: draft-pwouters-powerbind

On Mon, Apr 27, 2020 at 3:28 PM Wes Hardaker wrote: > Joe Abley writes: > > > This draft needs a more compelling problem statement, and a clear > > description of why other controls (e.g. reputational, contractual) are > > insufficient. [It's also possible that the draft just needs a clearer > >

Re: [DNSOP] Privacy and DNSSEC

On Sat, Apr 25, 2020 at 2:57 AM Paul Vixie wrote: > On Saturday, 25 April 2020 06:23:54 UTC Vladimír Čunát wrote: > > Original subject: New draft on delegation revalidation > > > > Still, note that for some consumers the secure transport may be an > > argument to drop validating DNSSEC themselves

[DNSOP] Client Validation - filtering validation?

On Fri, Apr 24, 2020 at 11:56 PM Paul Vixie wrote: > mind if i cut in? > > On Saturday, 25 April 2020 06:23:54 UTC Vladimír Čunát wrote: > > Original subject: New draft on delegation revalidation > > > > On 4/24/20 4:49 PM, Shumon Huque wrote: > > > ... > > > > ... > > (agreeableness.) > > > Some

Re: [DNSOP] Call for Adoption: draft-pwouters-powerbind

On Mon, 27 Apr 2020, Brian Dickson wrote: The other would be the kind that are multiple-depth delegation zones, where the Public Suffix List is already kind of necessary. What I think is needed is a way to explicitly declare the places where the depth is > 1 (if a normal flat delegation-only

Re: [DNSOP] Call for Adoption: draft-pwouters-powerbind

In article , Brian Dickson wrote: >The two example zones I would reference would be ".uk", and ".jp", where >there are SLDs immediately below the TLD, and additional SLD-like >delegations or non-delegations further down in the zones. I think you will find ENTs in more TLDs than not. They certai

Re: [DNSOP] Privacy and DNSSEC

On Tuesday, 28 April 2020 01:02:27 UTC Shumon Huque wrote: > On Sat, Apr 25, 2020 at 2:57 AM Paul Vixie wrote: > > ... > > The DNSSEC specs have always contemplated validating stub resolvers. > I think the Kaminsky cache poisoning scare inadvertently focussed our > efforts on solving the DNSSEC-t

Re: [DNSOP] Privacy and DNSSEC

> On 28 Apr 2020, at 14:06, Paul Vixie wrote: > > On Tuesday, 28 April 2020 01:02:27 UTC Shumon Huque wrote: >> On Sat, Apr 25, 2020 at 2:57 AM Paul Vixie wrote: >>> ... >> >> The DNSSEC specs have always contemplated validating stub resolvers. >> I think the Kaminsky cache poisoning scare in