Hi Shumon, > Currently, the focus of this draft is to more surgically deal with NXDOMAIN > visibility in Compact Answers (formerly Black Lies). Most customers of these > implementations today are enterprises, application service providers, and > other non-TLDs that appear to be comfortable with (or at least resigned to) > the DNS provider holding the signing keys. > > I agree that it's useful to solve the problem you describe, and I'm > interested in it myself, but it sounds to me like a larger effort and should > be tackled separately (or in parallel).
I fully agree with that. My message was badly put, I don’t in any way think it is either or, but rather two separate things. The reason that I brought it up here and now is, well, because of the rather obvious connection. Johan
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop