On 3/26/22 02:21, Paul Hoffman wrote:
On Mar 25, 2022, at 5:59 PM, Joey Deng
wrote:
During my reading of DNS and DNSSEC, I found another RFC (RFC 7129) very
helpful in understanding the motivation from NSEC to NSEC3, besides RFC 5155,
but it is not listed in the draft above (maybe
Paul Hoffman wrote:> Given the higher level of scrutiny that BCPs garner,
Such a false sense of security is quite harmful to reduce
the end to end security of the Internet.
Masataka Ohta
___
On Mar 25, 2022, at 5:59 PM, Joey Deng
wrote:
> A possible format issue:
Thanks! That will be fixed in the next version.
> Since the description above mainly focuses on the new cryptography adopted by
> DNSSEC, I think it would make more sense to use title like:
>
> Additional Cryptographic
I'm the author, so I guess it goes without saying that I support its adoption.
Given the higher level of scrutiny that BCPs garner, I will incorporate
suggested text in versions of the draft if they are likely to reflect changes
that would garner consensus.
--Paul Hoffman
smime.p7s
