Moin!
On 7 Jan 2017, at 23:54, Scott Schmit wrote:
why you think hostile actors will do things with RPZ that they
couldn't do now?
>
> For the very reasons that the authors want to make this an RFC -- RPZ
> isn't interoperable between DNS resolvers today. Once this RFC is
> published,
On Tue, 10 Jan 2017, Matthijs Mekking wrote:
I see that IESG has approved this document, but I am still wondering this:
On 01-12-16 13:20, Matthijs Mekking wrote:
Hi,
I read this again. I still wonder if in the case of DNSSEC Delete
Algorithm it wouldn't be easier to say: In case the
Yes I agree,
Push a new version if Tim agrees ?
Olafur
On Tue, Jan 10, 2017 at 12:53 PM, Paul Wouters wrote:
> On Tue, 10 Jan 2017, Matthijs Mekking wrote:
>
> I personally think the simplification of using all zero's is good. If
>>> someone accidentally changes the wrong
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Domain Name System Operations of the IETF.
Title : Managing DS records from parent via CDS/CDNSKEY
Authors : Olafur Gudmundsson
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Domain Name System Operations of the IETF.
Title : Managing DS records from parent via CDS/CDNSKEY
Authors : Olafur Gudmundsson
On Tue, 10 Jan 2017, Paul Wouters wrote:
Ohh, I think Matthijs actually found a bug:
Fixed in 06 (I forgot the text update in 05). Thanks to Matthijs
for being so persistent in bringing this up. My apologies that
I did not understand your concern before.
Chairs, it is up to you to decide on
Thanks Paul, and double thanks to Matthijs for his diligence in wisely
forcing this.
The new version is minor, but significant. I don't feel that it needs a
new WGLC, but I want to put the diff between the two versions here so folks
may take a second look.
On 10-01-17 17:50, Paul Wouters wrote:
> On Tue, 10 Jan 2017, Matthijs Mekking wrote:
>
>> I see that IESG has approved this document, but I am still wondering
>> this:
>>
>> On 01-12-16 13:20, Matthijs Mekking wrote:
>>> Hi,
>>>
>>> I read this again. I still wonder if in the case of DNSSEC
On Tue, 10 Jan 2017, Matthijs Mekking wrote:
I personally think the simplification of using all zero's is good. If
someone accidentally changes the wrong number in the DS record when
changing parameters, it will prevent a mistaken delete request. While,
the zone might still fail, at least it
>> 1) If the traver's laptop/phone uses Heathrow Airport resolvers then Heathro
>w
>
>>4) DNS is not really private so Google may offer their DNS services over HTTP
>S
>> 5) Governments may force Google to block popular sites, so users switch to
>>other DNS resolvers, again over HTTPS.
>
>See
10 matches
Mail list logo