On Wed, 11 Jun 2025, Erik Nygren wrote:
There are two cases here:
1) Accidental retention of zone contents (this seems unlikely, but worth
mentioning)
No, unless someone has actually seen it happen. It'll just confuse
people.
2) Malicious reintroduction of zone contents (this is the concern we need
to make sure is well-addressed, and is one of the reasons it is critical
that validations are tied to users/accounts).
No, unless someone has actually seen it happen. The threat model makes no
sense -- it seems rather unlikely that the old zone owner is still paying
the bill for the service it's supposed to validate, or that the new zone
owner has the credentials to use it.
R's,
John
_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]
