Thank for your feedback. My comments below: On 04/15/2013 08:30 PM, Viktor Dukhovni wrote: > On Mon, Apr 15, 2013 at 03:08:57PM +0200, Sandoche Balakrichenan wrote: > >> Even though it took some time, here in i attach a tutorial style >> document which explains implementing DANE and a Proof of Concept using a >> browser add-on. > The "guide" could be much shorter. Just explain clearly how to set up > TLSA records for HTTPS in the context of an already signed DNSSEC zone. ==> The focus of the document was to act as a guide for someone who has a domain name and has some knowledge (an expert does not need this document) of configuring his domain zone to add a TLSA RR and do an end-to-end test. Making it more shorter, i felt will not fulfill this objective. > > The description of DNSSEC configuration is too miminal to be very > useful. In fact almost downright dangerous, since operating a DNSSEC > zone is a lot more involved than a one-time registration of a DS > RR in the parent zone. This topic is covered in a lot more depth > elsewhere and you're unlikely to do it justice except by reference > to something that already covers this well. ==> Completely agree. Will provide a proper reference in the next iteration. > > Since the write-up explains none of the implementation details of > the browser client plugin, the discussion of the client behaviour > is just a distraction. ==> My first comment answers this question. > > Is the document a paper for academic publication or a How-To guide > for system administrators? It seems to be a strange mixture of > the two. > ==> More as an How-To guide?
Thanks again, Sandoche. _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
