To use Split Mode, a customer would use HTTPS records to direct clients to the
CFS. These could be AliasMode records (if the customer does not require any
customization of the HTTPS parameters), or they could be ServiceMode records
that are periodically synchronized with the CFS's ECHConfig (e.
The following errata report has been submitted for RFC9460,
"Service Binding and Parameter Specification via the DNS (SVCB and HTTPS
Resource Records)".
--
You may review the report below and at:
https://www.rfc-editor.org/errata/eid8168
--
This report is incorrect. SvcParamValues always are presented via a
char-string encoding as defined in Appendix A, so quotes are always allowed.
The "single decimal integer" applies to the "value" which is derived by
reversing the escaping of the char-string, producing a *OCTET in ABNF.
Thank
HI,
I support publication of this draft.
This will greatly improve the user experience and network operations thus
greatly improves troubleshooting resulting in reduced mean-time-to-repair.
Regards,
Wilman Lee
-Original Message-
From: Benno Overeinder
Sent: Saturday, October 26, 202
On 11/4/24 14:24, Roy Arends wrote:
The DS record already indicates if a delegation is secured and, if so, provides
a signed digest over the secure entry point of the delegated zone. In theory,
the digest function could be as simple as an identity hash function (where
pre-image equals the ou
I am aware that this is the dnsop wg discussion mailing list and not the DD
(deleg wg) mailing list, so I encourage Peter to re-post his email to the deleg
WG discussion mailing list.
My motivation for bringing Peter's draft up at the microphone at this morning's
deleg WG is as follows:
At
> Il 26/10/2024 22:10 CEST Benno Overeinder ha scritto:
>
> If you believe this draft is ready for publication as an RFC, please
> state your support. Conversely, if you feel the document isn’t ready
> for publication, please provide your concerns and reasoning.
I support publication (with a
I support publication of this draft.
This will improve user web experience by providing information to
better understand why a website request has been denied. It is also
beneficial to organisations which provide 'blocklists' and DNS
filtering services.
Dan Sexton
___
Hi Ben,
Thank you so much for your insights! I have some follow-up questions
regarding the Service Mode setups, and I would greatly appreciate your help.
Let’s say there’s a back-end domain on IP A, and a CFS on IP B. In order to
successfully use ECH (SplitMode) in ServiceMode, would the operator
The DNSOP WG has placed draft-buraglio-deprecate7050 in state
Candidate for WG Adoption (entered by Tim Wicinski)
The document is available at
https://datatracker.ietf.org/doc/draft-buraglio-deprecate7050/
___
DNSOP mailing list -- dnsop@ietf.org
To u
Thanks Paul!
Glad you did upload that and apologies for the misinformation.
Warmly,
Roy
> On 4 Nov 2024, at 18:37, Paul Wouters wrote:
>
> On Mon, 4 Nov 2024, Roy Arends wrote:
>
>> While I thought this was an original idea when I heard it during the DELEG
>> discussions, it has been propos
On Mon, 4 Nov 2024, Roy Arends wrote:
While I thought this was an original idea when I heard it during the DELEG discussions,
it has been proposed by both Peter van dijk (see below) and Paul Wouters independently
(I've seen a draft for it, named "ds uplifting", though not in the datatracker,
The DNSOP WG has placed draft-crocker-dnsop-dnssec-algorithm-lifecycle in
state Candidate for WG Adoption (entered by Tim Wicinski)
The document is available at
https://datatracker.ietf.org/doc/draft-crocker-dnsop-dnssec-algorithm-lifecycle/
___
DNSOP
Hi,
Given there are several reasons for a domain to be blocked (mandatory reasons
in case of court orders, CSAM filtering, customer requested reasons in case a
customer opt in to a protective DNS service), today the customer is facing a
disorienting user experience, as either if the response is
Hello fine DNS people,
in light of discussions I've had with several people here in Dublin
(mostly around DELEG), I am reviving some old drafts because they might
be interesting to consider for the "toolbox" again.
For this draft, which allows unhashed publication of data in DS records,
the conte
15 matches
Mail list logo
