On Mar 14, 2013, at 14:50, Johan Ihrén wrote: > > I'm just arguing against allowing "registry buy-in" to be allowed to become a > gating factor for determining CDS usefulness.
Because I'm known as someone working for a TLD operator I will point out that my motivation in this space is primarily as a DNS "hoster". Imagine, if you will, that I operate DNS zones in every TLD and many zones that are not "children" in the DNS sense of any TLD. I stress "imagine" because I probably don't have a child zone in each and every TLD. Maybe "a lot" or "quite a few", I don't know, and for the detail here, it doesn't matter. I believe there is a gating factor here involving TLDs. But not that this is acceptable to TLDs, rather that whatever is derived is compatible with all (and I mean *all*) TLDs environments. TLDs might differ in their policies and that is their prerogative, their right, their duty. I want to see something defined that is universal and can be used under any environment. I don't want to build one-offs for TLDs. Or one-offs for cases where there is no TLD involved. What I want, as a DNS operator and producer of DS record data, is a standard way to marshall the DS "guts" from the child to the parent. What I don't care so much about is how the parent comes around to get the guts of the DS from me. I say "guts" to mean either the hashes or just the identifiers to what is in the DNSKEY set. Note here that parent refers to a DNS zone that may or may not have any legal/business relationship with me (child zone operator) or my customer. In napkin scribblings, I envision that a record - possibly CDS - is at the apex of the zone I operate. In an ICANN-style shared registry model (which is often called RRR) I can see a registrar - for whatever reason - dig from my zone the "CDS" and then stuff the guts into an EPP message and send it off to the registry just as the registrar would today when a DS is pasted into a web form. This is just a quick, one use-case illustration, given just to separate what I care about (the CDS-maybe record) and what I don't care about (why the registrar digs and how they stuff the EPP). "Care" in the context of this specific proposal. Of course I care about the end-to-end....;)....I'm just focusing here. It's not registry buy-in, it's just that the proposed solution has gotta work with (all) registry arrangements. Otherwise, the utility is greatly limited and we will still be talking about this in the future. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 There are no answers - just tradeoffs, decisions, and responses.
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
