>>> Also, the insecure delegation in the root zone puts us into a >>> place where we have not been before, process-wise, because >>> this is a special use domain name and a proper TLD at the same >>> time, causing us to run both the ICANN and the IETF process, >> >> As long as we understand "run the ICANN process" as including "getting >> ICANN to invent such a process", I agree with the above.
This is my understanding as well. > I agree with Andrew and think we need to consider this step quite carefully. > This text in the IANA considerations section: > > IANA is requested to set up insecure delegation for '.homenet' in the > root zone pointing to the AS112 service [RFC7535], to break the > DNSSEC chain of trust. > > does not explain that there is no process through which IANA can set up that > delegation. It may not even be an IANA process. If this text were to be > published in an RFC, I don't think IANA can carry out that instruction today, > and I don't think IANA has the authority to negotiate a process through which > it can carry out the instruction in the future. > > I think this text should be modified in some way, before the document is > published, to recognize explicitly that no such process exists today and that > such a process is requested as part of the implementation of the published > document. > > The homenet WG is, I believe, aware of the need for a process for > instantiating an insecure delegation as requested in the -dot document. In > my opinion, the implicit request for such a process should be made explicit > in some way. Good advice. Thanks. Jari
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
