On Thu, 18 Apr 2013, Joe Abley wrote:
There's no protocol meaning at present for an apex DS RRSet, which means it
ought to be harmless to add one. A parent (or the parent's agent) could decide
to act upon the presence of a signed apex DS RRSet just as easily as it could
with CDS. It might as
Joe Abley wrote:
>
> There's no protocol meaning at present for an apex DS RRSet, which means it
> ought to be harmless to add one. A parent (or the parent's agent) could
> decide to act upon the presence of a signed apex DS RRSet just as easily as
> it could with CDS. It might as well pick up
On 2013-04-18, at 18:15, Wes Hardaker wrote:
> CDS is at least a decent middle ground that offers a middle point in the
> balance equation. It provides a decent point where security and
> operational practice might be at the top of the tradeoff bubble. And,
> that's why we have operational and
Edward Lewis writes:
[Ed's well written and long thoughts about transfer issues removed]
Security vs operational practice has always been a contention. Security
purists want the strictest of controls so that nothing can ever be
stolen, misused, abused, modified, etc. They'd use 4-factor
authen
I was thinking a bit about the CDS draft, not specifically it, but the problem
it is addressing.
This message was spurred by a comment that "in a key emergency where the
private key is exposed" the only way to go forward is to completely stop DNSSEC
and then do a re-start from state "0." The r
There is no reason USE RULES on the addresses resolved cannot be
published (except perhaps that certain parties in this group doesnt want
that to happen for some reason).
For instance - one could publish a OPT-OUT Statement for Mailing Use
Rules, something that is critically needed in dealing
On Thu, Apr 18, 2013 at 10:10:53AM +0100,
Jim Reid wrote
a message of 15 lines which said:
> > Do people even contemplate new classes anymore?
>
> Yes. A now dead Swiss(?)
He was French. An analysis (in french) of his work is here:
http://www.bortzmeyer.org/net4d.html
__
On 18 Apr 2013, at 04:31, Erik Kline wrote:
> Do people even contemplate new classes anymore?
Yes. A now dead Swiss(?) academic got paid by the ITU to promote this idea 4-5
years ago after he presented it at WSIS and IGF. The concept was to "increase
competition" in the DNS name space. Which w