On Feb 8, 2021, at 12:11, Paul Hoffman <[email protected]> wrote: > > > Without a fleshwd-out proposal for a fully-authenticated protocol to compare > to, saying that this WG should not try to fulfill its charter to help encrypt > recursive to authoritative traffic just seems wrong.
We went over this in great detail with Peter van Dijk’s “put pubkey in the DS record” proposal where he wrote something fleshed out and we discussed it at great length, touching on things like RRT’s vs parent or child being in change control vs TLSA _prefix records on NS records vs domain records. We are discussing disagreement on basic concepts here, not on finishing up details after WG adoption of the idea. The only consensus I’ve seen so far is the problem statement. Once we get a rough consensus on a type of solution, we can think about fleshing it out. This document is fleshed out but doesn’t seem[*] to have consensus on its basic premise of its solution. Paul [*] the chairs will make that call _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
