On Thursday, April 26, 2018 at 11:45:15 AM UTC, Tim Hollebeek wrote: > > > which is why in the near future we can hopefully use RDAP over TLS > > > (RFC > > > 7481) instead of WHOIS, and of course since the near past, DNSSEC :) > > > > I agree moving away from WHOIS to RDAP over TLS is a good low hanging fruit > > mitigator once it is viable. > > My opinion is it is viable now, and the time to transition to optionally > authenticated RDAP over TLS is now. It solves pretty much all the problems > we are currently having in a straightforward, standards-based way. > > The only opposition I've seem comes from people who seem to want to promote > alternative models that destroy the WHOIS ecosystem, leading to proprietary > distribution and monetization of WHOIS data. > > I can see why that is attractive to some people, but I don’t think it's best > for everyone. > > I also agree that DNSSEC is a lost cause, though I understand why Paul > doesn't want to give up 😊 I've wanted to see it succeed for basically my > entire career, but it seems to be making about as much progress as fusion > energy. > > -Tim
Moving to RDAP does not solve "all the problems we are currently having" in that it does not do anything for DCV which is what I think this thread was about (e.g. BGP implications for DCV). That said, if in fact, RDAP is viable today I agree we should deprecate the use of WhoIs and mandate use of RDAP in the associated scenarios. Ryan Hurst _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
