On Apr 13, 2012, at 3:30 PM, Jaap Akkerhuis wrote: >> More pragmatically, while I understand the theory behind rejecting NTAs, >> I have to admit it feels a bit like the IETF rejecting NATs and/or DNS >> redirection. I would be surprised if folks who implement NTAs will stop >> using them if they are not accepted by the IETF. >> > it is still not a reason for the IETF to standardize this.
With the implication that multiple vendors go and implement the same thing in incompatible ways. I always get a headache when this sort of thing happens as the increased operational costs of non-interoperable implementations usually seems more damaging to me than violations of architectural purity. Different perspectives I guess. > It is seems a nice idea but a problem is that a single day is > probably not enough. IPv6 problems are (nearly) instantaneous but > with DNSSEC problems start to arise when things expire. Crawl before running a marathon. If we get to a point where people actually deploy signing and/or validation systems, I'd call it success. Regards, -drc _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
