On Mar 13, 2018, at 11:16 AM, Joe Abley <jab...@90.212.199.in-addr.arpa> wrote:
>
> I think that if Tony can be d...@dotat.at, surely I
> can be jab...@90.212.199.in-addr.arpa.
>
> A zone is a zone. ARPA is only special by convention, not by protocol.
Yup. Thinking through the threat model here, when would this even work? It would certainly work in principle for stable servers that have reverse delegations. For servers that move around a lot, it seems like a really crappy solution. Why do you trust a server that's moving around a lot? Presumably because you've already established trust with it OOB. So why do you need ACME in this case? For the case of a server that's not moving around a lot, why is it useful? How did your resolver know to contact that particular server? I don't see anything in the document describing the motivating use case. Did I miss that from some other document?
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop