> On Mar 11, 2019, at 7:07 PM, Sara Dickinson <[email protected]> wrote: > > A new draft has been submitted outlining using DNS-over-TLS for zone > transfers. >
Hi Sara, I wonder if you would be willing to include a reference to the ZONEMD work in this draft. Just as RFC 7858 says that TLS and DNSSEC are independent and solve different problems, I think it would be good to point out here that xfr-over-tls is not a substitution for being able to verify the integrity of zone data as published. DW
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
