Hiya, On 27/02/2019 15:54, Paul Wouters wrote: > How is this data being consumed by the enduser ?
Very good question. Sorry for what's likely a longer answer than you want:-) Alex and I chatted about that and I think ended up figuring: a) there are many potential semantics that could be associated with such a linkage, b) we don't yet know what'd be useful, but c) no, we are defo not trying for an EV-like thing and lastly d) we really want to keep this as simple as possible - given there's a lot of feature-creep potential here, and that'd likely be fatal. My own use-case for this relates more to surveys, where I'd like to get a hint that two names are related so I could take that into account. Alex's is more business like (as you'd expect:-) he'd like to be able to feed this kind of linkage information into mail processing, e.g. perhaps to treat some mails as less-likely spam if he sees a link, compared to if he doesn't (with all the other mail processing foo that'd clearly be required to not do that kind of thing stupidly of course). We guess that there'd be other uses too but finding out if this is seen as useful enough that people would publish RR's is part of why we shot out the draft now. We also considered whether or not to e.g. try to add some kind of flag to indicate semantics but reckoned we don't know enough to do that for now. Cheers, S. > It sort of begins > to look like an EV thing. Also, wouldn't attackers just link their > fake domain to another fake domain to get a green looking OKAY?
0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
