Op 12-05-2020 om 00:48 schreef George Michaelson: > I support adoption. > > I wondered a little about "it is absolutely essential for these > transfers to be protected from unexpected modifications on the route. > So, catalog zone transfers SHOULD be authenticated using TSIG > [RFC2845]." > > The use of a categorical *absolutely* and SHOULD is jarring. If this > is really categorical, the normative enforcement needs to be stronger > maybe?
Agree, how about replacing "it is absolutely essential" with "it is key"? > I also wondered why the TTL of the RR is not held to be meaningful. It > felt like there is an opportunity to use this field but thats quibble, > the document as-is defines it as 0 and thats ok, if perhaps missing an > opportunity to use a field close to the zone being catalogued for some > purpose. We're staying away from actual configuration properties in this draft on purpose. TTL could be used to mean something in the dynamics of adding & removing of zones itself, but it feels a bit fragile to do that to be honest - we might exclude (or make more difficult) certain setups where the catalog could not be used by or from the authoritative nameserver directly. -- Willem > > On Tue, May 12, 2020 at 3:42 AM Tim Wicinski <tjw.i...@gmail.com> wrote: >> >> >> All, >> >> As we stated in the meeting and in our chairs actions, we're going to run >> regular call for adoptions over next few months. >> We are looking for *explicit* support for adoption. >> >> >> This starts a Call for Adoption for draft-toorop-dnsop-dns-catalog-zones >> >> The draft is available here: >> https://datatracker.ietf.org/doc/draft-toorop-dnsop-dns-catalog-zones/ >> >> Please review this draft to see if you think it is suitable for adoption >> by DNSOP, and comments to the list, clearly stating your view. >> >> Please also indicate if you are willing to contribute text, review, etc. >> >> This call for adoption ends: 25 May 2020 >> >> Thanks, >> tim wicinski >> DNSOP co-chair >> >> >> >> _______________________________________________ >> DNSOP mailing list >> DNSOP@ietf.org >> https://www.ietf.org/mailman/listinfo/dnsop > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop > _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
