On Tue, May 11, 2021 at 6:36 PM Paul Wouters <[email protected]> wrote: > On Tue, 11 May 2021, Eric Rescorla wrote: > > > > 2. Is this proposal a plausible starting point for that? > > No it is not. If a TLD that falls under ICANN policues would suggest > running software that supports this proposed record, it would surely > trigger an RSTEP review, and wearing my ICANN RSTEP reviewer hat, I > would strongly advise not reject the TLDs technical proposal. > > This has nothing to do with what I want. I _want_ this record or similar > solution to work, but it just realistically cannot work. That is also why > people (including me) who are normally very strict against overloading > have suggested the only way to signal something at the parent is via > overloading the NS or DS record in some way. And using DS is better > because it is signed and can be verified at the child. >
I'd like to make sure I understand your point. Is it simply that this information should be encoded in NS or DS? If so, I don't particularly object to that. I don't have a strong opinion about how this signal is spelled. -Ekr
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
