> On 14 Jun 2019, at 03:18, Nick Johnson <nick=40ethereum....@dmarc.ietf.org> > wrote: > > I'm working on a system that needs to authenticate a TLD owner/operator in > order to take specific actions. We had intended to handle this by requiring > them to publish a token in a TXT record
This assumes someone who is able to update the TLD has the authority or ability to change the TLD’s delegation. That’s not necessarily true. Think of registries who outsource their registry operations and/or DNS service to third parties. Such third parties might well be able to edit the zone file (or whatever) but that doesn’t necessarily mean the registry authorised or requested those changes. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop