On 6/30/2021 6:28 PM, Mark Andrews wrote:
I’d argue that there are a magnitude more resolvers
Yes. Be pedantic! :-) I said "recursive resolver" and I really mean
caching recursive resolver as opposed to stub resolver. Fair? I may
be behind times, but few if any stub resolvers were
I’d argue that there are a magnitude more resolvers than browsers in the world.
There are lots of devices that have a resolver but don’t have a browser.
Think of all the smart light bulbs. They all need to be able to update their
trust anchors. DNSSEC deployment is still in its infancy.
>
Peter et al -
It might be useful to review RFC 4986 -
https://www.rfc-editor.org/rfc/rfc4986.html - Requirements Related to
DNS Security Trust Anchor Rollover - to understand what the problem
requirements were/are before resurrecting this discussion again. If
the requirements have changed,
On 30 Jun 2021, at 14:59, Peter van Dijk wrote:
> I feel that the right mechanism for root key distribution is software
> distributors. This is working fine for the CA system, and with keys announced
> far enough in advance, should work fine for DNSSEC. Software distributors
> have solved
Hello DNSOP,
> I propose replacing rfc5011-security-considerations with a short document
> deprecating 5011 in its entirety. I am happy to write text for that, if there
> is an appetite - when the WG queue is small enough!
I see this ruffled some feathers. Here's a more nuanced version.
I
On Fri, Jun 18, 2021 at 12:06 PM Joe Abley wrote:
> On 18 Jun 2021, at 14:45, Paul Wouters wrote:
>
> > On Jun 18, 2021, at 13:41, Peter van Dijk
> wrote:
> >
> >> I propose replacing rfc5011-security-considerations with a short
> document deprecating 5011 in its entirety.
> >
> > Eh? 5011 is
On 23 Jun 2021, at 12:28, Vladimír Čunát wrote:
> On 18/06/2021 19.40, Peter van Dijk wrote:
>
>> I propose replacing rfc5011-security-considerations with a short document
>> deprecating 5011 in its entirety. I am happy to write text for that, if
>> there is an appetite - when the WG queue is
On 18/06/2021 19.40, Peter van Dijk wrote:
aname can go; I trust the WG feels SVCB will supersede it.
Yes, please.
I propose replacing rfc5011-security-considerations with a short document
deprecating 5011 in its entirety. I am happy to write text for that, if there
is an appetite - when
On Fri, Jun 18, 2021 at 7:41 PM Peter van Dijk
wrote:
>
> On Wed, 2021-06-16 at 19:38 -0400, Tim Wicinski wrote:
> > All
> >
> > The chairs have been doing prep work for the upcoming IETF meeting; one
> > issue that we are working on is reaching out to authors whose working group
> > documents
Peter van Dijk writes:
> I propose replacing rfc5011-security-considerations
I keep meaning to republish it with Olafur's suggested reduced title
(since it's really describing just one problem). But it's unlikely to
get published as an RFC due to lack of consensus after a long drawn out
On Jun 18, 2021, at 16:36, Paul Wouters wrote:
> Sure, but if we were to deprecate 5011, what would we expect to happen
> when we want to do another rollover ?
To be more clear, I was *not* suggesting that 5011 should be deprecated.
Joe
___
DNSOP
On Fri, 18 Jun 2021, Joe Abley wrote:
On Jun 18, 2021, at 13:41, Peter van Dijk wrote:
I propose replacing rfc5011-security-considerations with a short document
deprecating 5011 in its entirety.
Eh? 5011 is baked into various software. Why would replace 5011 ?
Did I miss something?
On 18 Jun 2021, at 14:45, Paul Wouters wrote:
> On Jun 18, 2021, at 13:41, Peter van Dijk wrote:
>
>> I propose replacing rfc5011-security-considerations with a short document
>> deprecating 5011 in its entirety.
>
> Eh? 5011 is baked into various software. Why would replace 5011 ?
>
> Did
On Jun 18, 2021, at 13:41, Peter van Dijk wrote:
>
> I propose replacing rfc5011-security-considerations with a short document
> deprecating 5011 in its entirety.
Eh? 5011 is baked into various software. Why would replace 5011 ?
Did I miss something?
Paul
On Wed, 2021-06-16 at 19:38 -0400, Tim Wicinski wrote:
> All
>
> The chairs have been doing prep work for the upcoming IETF meeting; one issue
> that we are working on is reaching out to authors whose working group
> documents have recently expired. While doing this, Benno did some datatracker
On Wed, Jun 16, 2021 at 7:39 PM Tim Wicinski wrote:
> All
>
> The chairs have been doing prep work for the upcoming IETF meeting; one
> issue that we are working on is reaching out to authors whose working group
> documents have recently expired. While doing this, Benno did some
> datatracker
All
The chairs have been doing prep work for the upcoming IETF meeting; one
issue that we are working on is reaching out to authors whose working group
documents have recently expired. While doing this, Benno did some
datatracker stuff and ended up with this list
17 matches
Mail list logo
