Sorry too late to comment,
The word "Caching DNS Servers" and "Caching servers" are not defined
by DNS RFCs. They should be "full-service resolvers" defined by RFC 1123.
# Some authoritative DNS server software have packet cache or hot spot
# cache. They may be "caching DNS servers".
--
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Domain Name System Operations Working Group
of the IETF.
Title : The .onion Special-Use Domain Name
Authors : Jacob Appelbaum
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 09/09/2015 05:14 AM, internet-dra...@ietf.org wrote:
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-dnsop-onion-tld/
>
I welcome the new draft. I must have missed the discussion for this
> On Sep 9, 2015, at 10:33, hellekin wrote:
> Signed PGP part
> What would a DNS record about .onion in the root zone be used for?
I am advised by people I trust that "root zone database" > "root zone" and that
this "means the DB that IANA uses to keep track of the root
On 9 Sep 2015, at 11:33, hellekin wrote:
What would a DNS record about .onion in the root zone be used for?
It could be used to provide delegation or DNAME redirection to the AS112
infrastructure, to sink leaked onion queries that do appear on the
Internet (e.g. RFC 7534, RFC 7535).
Sorry for the late reply, I'm catching up with old mail.
Ray Bellis wrote:
> On 16/07/2015 22:41, Shane Kerr wrote:
> >
> > I think it is worse than flooding with UDP. It allows "fire and forget"
> > actions from clients:
> >
> > # we can comfortably fit 20 queries into a
On Wed, 9 Sep 2015, Viktor Dukhovni wrote:
I'd like to propose that with the introduction of the CFRG algorithms,
we should deprecate:
3DSA/SHA1 DSAYY RFC3755
6DSA-NSEC3-SHA1DSA-NSEC3-SHA1 YY RFC5155
12 GOST R
On Tue, Sep 08, 2015 at 11:19:13AM +0200, Ondřej Surý wrote:
> Dear DNS colleagues,
>
> this might be of some interest to you.
>
Thanks. Shouldn't this wait for the CFRG to finalize the new EC
signature schemes? We already have too many DNSSEC algorithm ids,
and are likely to add very
Hi Viktor,
yes, we are waiting exactly for the cfrg to finish the signature schemas. But
the rest can get a review early.
f.e. it's evident now, we have to add more material about motivation to add new
curves into the draft(s).
Cheers,
Ondrej
--
Ondřej Surý -- Technical Fellow
On Wed, Sep 09, 2015 at 08:12:41PM +0200, Ondřej Surý wrote:
> Yes, we are waiting exactly for the cfrg to finish the signature schemas.
> But the rest can get a review early. f.e. it's evident now, we have to
> add more material about motivation to add new curves into the draft(s).
Great. My
10 matches
Mail list logo