> > which is why in the near future we can hopefully use RDAP over TLS > > (RFC > > 7481) instead of WHOIS, and of course since the near past, DNSSEC :) > > I agree moving away from WHOIS to RDAP over TLS is a good low hanging fruit > mitigator once it is viable.
My opinion is it is viable now, and the time to transition to optionally authenticated RDAP over TLS is now. It solves pretty much all the problems we are currently having in a straightforward, standards-based way. The only opposition I've seem comes from people who seem to want to promote alternative models that destroy the WHOIS ecosystem, leading to proprietary distribution and monetization of WHOIS data. I can see why that is attractive to some people, but I don’t think it's best for everyone. I also agree that DNSSEC is a lost cause, though I understand why Paul doesn't want to give up 😊 I've wanted to see it succeed for basically my entire career, but it seems to be making about as much progress as fusion energy. -Tim
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
