[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DNSEXT WGLC: DNSSEC Opt-in

To: namedroppers@ops.ietf.org
Subject: Re: DNSEXT WGLC: DNSSEC Opt-in
From: Paul Vixie <paul@vix.com>
Date: Mon, 03 Feb 2003 21:12:53 +0000
In-reply-to: Message from David Conrad <david.conrad@nominum.com> of "Mon, 03 Feb 2003 10:34:34 PST."<244B987E-37A6-11D7-B86C-000393DB42B2@nominum.com>

> So, isn't it time to pass/kill this one?

dunno.  but in any case i am strongly in favour of it, both because it
softens the privacy-related impact of early dnssec deployment (walking
a short nxt chain exposes less information than walking a full nxt chain
would) and because of some obscure corner cases which have shown up in
private workshops that are much easier to isolate and to think about in
an opt-in world.

re:

> > This is the beginning of a 3 week working group last call.
> > This last call ends on December 6'th.
> >
> > This document updates RFC2535 to allow NXT chain to omit insecure
> > delegations. This document covers the implications this has on
> > servers and resolvers.
> >
> > This document is on standards track and is available via following URL:
> > http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnssec-opt-in-
> > 04.txt
> >
> > 	Olafur

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

Follow-Ups:
- Re: DNSEXT WGLC: DNSSEC Opt-in
  - From: Brian Wellington <Brian.Wellington@nominum.com>
- Re: DNSEXT WGLC: DNSSEC Opt-in
  - From: David Conrad <david.conrad@nominum.com>
- Re: DNSEXT WGLC: DNSSEC Opt-in
  - From: Ted Hardie <hardie@qualcomm.com>

References:
- Re: DNSEXT WGLC: DNSSEC Opt-in
  - From: David Conrad <david.conrad@nominum.com>

Prev by Date: Re: DNSEXT WGLC: DNSSEC Opt-in
Next by Date: Re: DNSEXT WGLC: DNSSEC Opt-in
Previous by thread: Re: DNSEXT WGLC: DNSSEC Opt-in
Next by thread: Re: DNSEXT WGLC: DNSSEC Opt-in
Index(es):
- Date
- Thread