Re: axfr-clarify on the move again
[ietf@ietf.org has once again been removed from list of recipients.]
Kenji Rikitake writes:
> I would like to urge that the database structure of BIND MUST NOT define
> the semantics of DNS. Breaking the RFC1034 model which assures the
> uniqueness of DNS RR integrity will significantly hamper the fundamental
> security of the current non-cryptographic DNS, which is still heavily
> dependent on the uniqueness of AXFR-transferred data. If you all
> disapprove A6, please do NOT approve such an idea, again.

I'm sorry, but I'm unable to make sense of this message - it is vague
to the degree that I can't even tell for sure if it is a statement for
or against axfr-clarify. I'm guessing against, but I can't defend the
draft until I understand what you actually mean by your criticism.

Please define what you mean by "uniqueness of DNS RR integrity" and
explain how it is "assured by the RFC1034 model".

Please explain how the axfr-clarify draft "breaks" this, and exactly
how that will "significantly hamper the fundamental security of the
current non-cryptographic DNS".

Also, please define the property of "uniqueness of AXFR-transferred
data" and explain how the "fundamental security" depends on it.
--
Andreas Gustafsson, gson@nominum.com
--
archive: <http://ops.ietf.org/lists/namedroppers/>