Paul Wouters <[email protected]> writes: > I am in favour of adopting this draft as a WG item.
Ditto. > I don't think the CDS record should be able to cause a child domain to > go from secure to insecure, or from insecure to secure. That > (infrequent) change should have an additional authentication, eg via EPP > or otherwise) Ditto. I think the goal of any of the automatic update techniques should be to make the routine easy but it shouldn't be a goal to handle the infrequent, and challenging cases. (infrequent and easy is fine). Unless we can show a clear, secured, path for some transition I don't think it's worth solving. -- Wes Hardaker Parsons _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
