On Tue, Apr 29, 2025 at 06:15:35PM +0000, Salz, Rich wrote:
> And yet, they're still best avoided, unless there a good reason to
> support them. The security story with wildcards is all bad news,
>
> Shrug. It’s trade-offs, like most things in the security area. I
> assume that the WG decided they’re worth doing, according to an IETF
> consensus standards-track RFC. You disagree; that’s fine.
My comment was actually about the security considerations being
incomplete, and secondly that *if* wildcard support (originally
excluded) is to be added at this late point in the process, then
along with some more detail in the security considerations, there
could be a phrase discouraging their use, i.e. some approximation
of "best avoided".
--
Viktor.
_______________________________________________
OPSAWG mailing list -- [email protected]
To unsubscribe send an email to [email protected]
