On Fri, May 16, 2014 at 7:50 AM, Paul Vixie <[email protected]> wrote: > > what we do have is advice: "if you're going to do this, here is a way > that works." in many cases, and DNSSEC is an example, the advice has an > additional property: "if you want a system like this, here is how > everybody else is doing it." in the past, the DNS advice offered by the > IETF has all had both properties -- these things work and we're trying > to get everybody to do it the same way because we have a vision of the > whole internet having this new feature." >
There may still be an opportunity to give sensible proscriptive advice. For example; it might be sensible to strongly caution against variable NS or DS rrsets, and that's a behavior resolvers could be advised to reject when they see it. It's an example of something that's not common, but that some authoritative operator might experiment with (it's interesting to think about) but would likely cause some real complexity chaos. -- Colm
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
