An omnibus reply. At 8:52 +1300 3/3/10, Jay Daley wrote:
Did you mean to exclude the DNS path for those that choose it? Isn't it is a registry/DNS parent policy decision.
At one level of description, yes, at another, no. If the underlying mechanism for the interface uses a DNS query to get the data, that's fine. The caveats of "is it secure" "is it logged" etc. apply.
At 19:57 +0000 3/2/10, Tony Finch wrote:
Even if the update cannot be automatically pushed from the DNS provider to the registrar, it ought to be possible to just tell the registrar to fetch the domain's new delegation records without any error-prone copy and paste.
We (as DNS operator) really would ideally not even bother the registrant with this at all, much less even risk them having to cut and paste.
One could imagine that the customer opens their account with a credit card and supplies a DNS operator in the contact field and some sort of automated secret generation happens and from then on the DNS queries are TSIG protected - thinking wildly here.
At 20:05 +0000 3/2/10, Alex Bligh wrote:
My concern is that whatever automatic update mechanism you choose has to use some greater level of security than merely relying on the zone being signed.
Certainly. At 14:58 -0500 3/2/10, Eric Brunner-Williams wrote:
I'm quite interested in the EPPbis area, and the DS provisioning problem, but I'm spending my wicked limited travel time until mid-May (my partner's a 1L at Cornell Law) on a CORE technical meeting. I'll be happy to v-bar-bof from in front of a German beer, 9 timezones distant.
A bar BOF is like a "beta", not even a "release candidate", ... I'm sure there will be more discussions - oh wait, you know a lawyer. I'll need you to sign a waiver. ;)
There will be some meeting of registrars (ICANN accredited that is) a week from today, and there is the RSG mailing list too.
I won't be there, but I am hoping someone there will carry the message. (Haven't heard an ack from that volunteer yet though.)
-- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 As with IPv6, the problem with the deployment of frictionless surfaces is that they're not getting traction. _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
