Hi All,
OARC 34 will be an online meeting on February 4th & 5th starting at
16:00 UTC. The Programme Committee is seeking contributions from the
community.
All DNS-related subjects and suggestions for discussion topics are
welcome. Based on the feedback from the previous workshop, the DNS-OARC
au
Hello Paul,
On Mon, 2020-11-30 at 15:43 +, Paul Hoffman wrote:
> The more I think about draft-fujiwara-dnsop-delegation-information-signer,
> the more I think that it is much more complex than what we are doing now in
> DNSSEC, and therefore undesirable.
My feelings are similar but not iden
On Thu, Dec 10, 2020 at 1:19 PM Peter van Dijk
wrote:
> Hello Paul,
>
> On Mon, 2020-11-30 at 15:43 +, Paul Hoffman wrote:
> > The more I think about
> draft-fujiwara-dnsop-delegation-information-signer, the more I think that
> it is much more complex than what we are doing now in DNSSEC, and
Before going on I would really like to know what operational problem is being
attempted to be solved by signing delegating information?
Fujiwara-san has presented the draft without specifying what problem it is
attempting to solve. The fact the records are not signed is a observation
not a proble
On Dec 10, 2020, at 19:14, Mark Andrews wrote:
> Before going on I would really like to know what operational problem is being
> attempted to be solved by signing delegating information?
+1
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/ma
On Dec 10, 2020, at 4:14 PM, Mark Andrews wrote:
>
> Before going on I would really like to know what operational problem is being
> attempted to be solved by signing delegating information?
>
> Fujiwara-san has presented the draft without specifying what problem it is
> attempting to solve. Th
On Dec 10, 2020, at 19:25, Paul Hoffman wrote:
> In DPRIVE, there is a desire to TLSA records to authenticate authoritative
> servers. In order to do that without getting into a chicken-and-egg loop, the
> parent needs to authenticate the NS records of the child authoritative server.
I haven't
On Dec 10, 2020, at 4:35 PM, Joe Abley wrote:
>
> On Dec 10, 2020, at 19:25, Paul Hoffman wrote:
>
>> In DPRIVE, there is a desire to TLSA records to authenticate authoritative
>> servers. In order to do that without getting into a chicken-and-egg loop,
>> the parent needs to authenticate the
On 10 Dec 2020, at 19:41, Paul Hoffman wrote:
>> "Authenticate authoritative servers" is a bit vague for me. Parent and child
>> are namespace concepts and not relying parties that you'd ordinarily expect
>> to be able to authenticate anything.
>
> A resolver asks a parent what the NS records
On Thu, Dec 10, 2020 at 4:52 PM Joe Abley wrote:
> On 10 Dec 2020, at 19:41, Paul Hoffman wrote:
>
> >> "Authenticate authoritative servers" is a bit vague for me. Parent and
> child are namespace concepts and not relying parties that you'd ordinarily
> expect to be able to authenticate anything
On Dec 10, 2020, at 4:52 PM, Joe Abley wrote:
>
> On 10 Dec 2020, at 19:41, Paul Hoffman wrote:
>
>>> "Authenticate authoritative servers" is a bit vague for me. Parent and
>>> child are namespace concepts and not relying parties that you'd ordinarily
>>> expect to be able to authenticate any
11 matches
Mail list logo
