Nico,
...
>
> That's a very confusing last phrase.
I had no problem reading it.
a literal reading of it is as sarcasm. If that's PHB's intent, fine, but
I just wanted to verify that there was no typo.
Your complaints that we're all inarticulate are getting old.
not everyone, but a lot of messages and docs seem to validate my
complaint :-).
>> The other major advantage is that it provides a tool to avoid some of
>> the cryptographic lock in problems that are causing certain countries
>> to cause issues in ICANN. You don't have to agree with their analysis
>> to find value in addressing the concerns.
>
> I understand their concerns. But the lack of a well-articulated
architecture
> for CT, much less a CT for DNSSEC, makes it hard for me to gauge whether
> this is a good idea.
In other words, your concern is about CT in general, not DNSSEC in
particular. Sounds like a separable issue to me. But if CT makes
sense then it makes sense for DNSSEC.
yes, my complaint about a lack of a doc describing CT architecture is not
specific to the CT for DNSSEC discussion.
CT may be appropriate for the Web PKI, w/o being a great idea for DNSSEC.
Until we have a doc that describes the architecture, we can't evaluate
how good
it is in either context.
Steve
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
