You're welcome, and thanks for accepting the suggestion. Scott
> -----Original Message----- > From: Linda Dunbar <linda.dun...@futurewei.com> > Sent: Wednesday, March 18, 2020 6:54 PM > To: Hollenbeck, Scott <shollenb...@verisign.com> > Cc: dnsop@ietf.org; rt...@ietf.org > Subject: [EXTERNAL] RE: DNS for Cloud Resources in draft-ietf-rtgwg- > net2cloud-problem-statement-08 > > Scott, > Here is the revised version with your suggested changes incorporated: > https://datatracker.ietf.org/doc/draft-ietf-rtgwg-net2cloud-problem- > statement/ > > > Thank you very much for the review and suggestion. > > Linda Dunbar > > -----Original Message----- > From: Linda Dunbar > Sent: Monday, March 16, 2020 12:01 PM > To: Hollenbeck, Scott <shollenb...@verisign.com> > Cc: dnsop@ietf.org; rt...@ietf.org > Subject: RE: DNS for Cloud Resources in draft-ietf-rtgwg-net2cloud-problem- > statement-08 > > Scott, > > Thank you very much for the suggestion. Have changed the text per your > suggestion. Will upload the new version when the IETF submission opens up > next Monday. > > Linda > > -----Original Message----- > From: Hollenbeck, Scott <shollenb...@verisign.com> > Sent: Wednesday, March 11, 2020 1:19 PM > To: Linda Dunbar <linda.dun...@futurewei.com> > Cc: dnsop@ietf.org > Subject: DNS for Cloud Resources in draft-ietf-rtgwg-net2cloud-problem- > statement-08 > > (Sorry, this is a late response to a review request original sent to the dnsop > list on 11 February) > > Section 3.4 (DNS for Cloud Resources) includes these sentences: > > "Globally unique names do prevent any possibility of collision at the present > or in the future and they make DNSSEC trust manageable. It's not as if there > is or even could be some sort of shortage in available names that can be > used, especially when subdomains and the ability to delegate administrative > boundaries are considered." > > Could we make the last sentence stronger, perhaps with a statement like this > from the US CERT WPAD Name Collision Vulnerability alert dated May 23, > 2016? > > "Globally unique names do prevent any possibility of collision at the present > or in the future and they make DNSSEC trust manageable. Consider using a > registered and fully qualified domain name (FQDN) from global DNS as the > root for enterprise and other internal namespaces." > > https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fww > w.us-cert.gov%2Fncas%2Falerts%2FTA16- > 144A&data=02%7C01%7Clinda.dunbar%40futurewei.com%7Cc4a7c2f2e > 85741d5b8a308d7c5e8eef1%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C > 1%7C637195476559397274&sdata=vBnDcnkZ8Zsk7MT610GQOsRQVt7G > %2BLscbvwiDWXX%2Fvc%3D&reserved=0 > > The alert actually says "other internal namespace", but I think that's a typo. > > Scott _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
