I am strongly in support of the WG adopting this draft. It will allow applications to deliver a better developer experience and higher security.
As Ted notes, there is a possibility of breakage. If something on a host is relying on an external resolver to provide localhost resolution in accordance with RFC 6761. However, that behavior is almost certainly not secure to start with, so this breakage is of the good, "increasing security" kind. --Richard On Wed, Sep 6, 2017 at 10:35 AM, Ted Lemon <[email protected]> wrote: > On Sep 6, 2017, at 10:33 AM, tjw ietf <[email protected]> wrote: > > Thanks. The document still waffles, but it 'waffles less' than it did > initially. But Mike is committed to working that and any other issue which > may arise. > > > The question I really have is not whether Mike is willing—he's stated that > he is. It's whether the working group is willing, since returning > NXDOMAIN is an actual change in behavior from the original specification in > RFC 6761, and will likely result in some breakage, since it can safely be > assumed that some stacks are currently following the RFC6761 advice. > > > > > _______________________________________________ > DNSOP mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dnsop > >
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
