On Mar 23, 2021, at 18:48, Jim Reid <[email protected]> wrote:
>
>> On 23 Mar 2021, at 22:32, Paul Wouters <[email protected]> wrote:
>>
>> So what is it that you are exactly objecting to? The syntax or the
>> capability?
>
> The capability - mostly. TLDs should not be publishing SVCB records for the
> reasons I outlined before.

What you outlined is not clear.

> I’m not too keen on using SVCB records apart from stubs finding resolvers on
> their local network. It’s OK for me to publish SVCB records in rfc1035.com
> for anyone who has the misfortune to be one of my local users and needs to
> find an encrypted resolver. IMO it’s not OK to do that in .com (say) for
> everything on the planet that needs to look up a .com domain name.

I think you are misinterpreting the draft. The goal is to advertise DoT servers ONLY for yourself, not for your children or parent. There might be some confusion because the draft editors mistakenly believe they can get child SVCB records published at the server, like DS records. I’ve already tried to convince them that is not going to happen.

> This is all somewhat moot because I very much doubt any busy TLD will ever
> turn on DoT or DoH on their authoritative name servers.

SVCB allows them to put those servers in as separate infrastructure that would not affect regular nameserver operation. There is discussion about conveying status (testing, production) within the SVCB record.

Paul
