On 5 Aug 2016, at 16:05, Wes Hardaker wrote:
"Ben Campbell" <[email protected]> writes:
[everything else addressed but I had a question about this last one:]
-8: Seems like there could be more to say about the potential
consequences about the “fail or proceed without security”
decision
in 6
and 6.1.
I think the world is very much at a loss as to the best thing to do
in
that case. And is likely very case specific. Military
installations
tend to be a bit more strict about continuing through to a
unacceptable
security certificate, eg. I'm not sure we can enumerate every
context,
but rather say each local policy will need to do what is appropriate
for them.
I think it would be useful to say _that_. (as in "here's a security
consideration people need to, well, consider")
How's this sound as a concluding sentence:
<section title="What To Do">
<t>If Host Validator detects that DNSSEC resolution is not
possible it SHOULD log the event and/or SHOULD warn user. In
the case there is no user no reporting can be performed thus
the device MAY have a policy of action, like continue or
fail.
new: Until middle boxes allow DNSSEC protected information to
traverse them consistently, software implementations may need
to offer this choice to let users pick the security level they
require.</t>
</section>
It's not an easy thing without introducing more "temporal" text into
the document
I have no objection to adding that that, but I was thinking along the
lines of "Note that continuing without DNSSEC protection in the absence
of a notification or report could lead to situations where users assume
a level of security does not exist."
Thanks!
Ben.
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
