On Fri, 16 Nov 2018, Waltermire, David A. (Fed) wrote:
One comment on your COMMENT wearing chair and shepherd hats:
We have to use DNS presentation format for the DS records and not wire
format?
The group was "split" on this question. We did a hum, with most responding in
the room that they either did not care or had a slight preference for presentation
format. This is why it is this way.
Note that we did not use humming as a vote. The humming gave an idea of
the room that the disadvantage of IKE software needing to understand and
convert wire to/from presentation format only to prevent "string
overflow errors" was not worth the trouble of forcing a wire format,
especially since IKE just relays this information to another
application, and this API almost certainly uses presentation format
(for example, unbound-control)
Paul
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
