Hiya, On 06/11/2019 14:15, Paul Wouters wrote: > >> On Nov 6, 2019, at 04:24, Ralf Weber <[email protected]> wrote: >> >> >>> 4: without expecting everyone to support DNSSEC. >> Really. I can not see how we design something new that does not take DNSSEC >> into account. > > Indeed. The longer we treat DNSSEC as optional, the longer we will be faced > with adoption problems, exactly as with IPv6. > > We talk a lot about the DNS camel, but the “avoid DNSSEC” camel has quite the > number of pages in RFCs now.
Interesting. I read Warren's text as being "don't require
DNSSEC having been deployed" while you and Ralf seem to be
reading the same text as "don't take DNSSEC into account"
or "avoid DNSSEC."
I'm fine with Warren's text FWIW. ISTM that ~1% deployment
after this elapsed time means that depending on DNSSEC
deployment is just... unwise. ("Unwise" wasn't the first
word I typed there btw;-) Being to be able to benefit
from DNSSEC deployment is a good thing, but a different
thing. I also think trying to avoid or ignore DNSSEC is
almost but not quite as unwise as requiring DNSSEC
deployment.
Maybe these different interpretations of the same text
are indicators that many of us are reading too much
between too many lines?
Cheers,
S.
>
> Paul
> _______________________________________________
> dns-privacy mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dns-privacy
>
0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
