Scott, Here is the revised version with your suggested changes incorporated: https://datatracker.ietf.org/doc/draft-ietf-rtgwg-net2cloud-problem-statement/
Thank you very much for the review and suggestion. Linda Dunbar -----Original Message----- From: Linda Dunbar Sent: Monday, March 16, 2020 12:01 PM To: Hollenbeck, Scott <[email protected]> Cc: [email protected]; [email protected] Subject: RE: DNS for Cloud Resources in draft-ietf-rtgwg-net2cloud-problem-statement-08 Scott, Thank you very much for the suggestion. Have changed the text per your suggestion. Will upload the new version when the IETF submission opens up next Monday. Linda -----Original Message----- From: Hollenbeck, Scott <[email protected]> Sent: Wednesday, March 11, 2020 1:19 PM To: Linda Dunbar <[email protected]> Cc: [email protected] Subject: DNS for Cloud Resources in draft-ietf-rtgwg-net2cloud-problem-statement-08 (Sorry, this is a late response to a review request original sent to the dnsop list on 11 February) Section 3.4 (DNS for Cloud Resources) includes these sentences: "Globally unique names do prevent any possibility of collision at the present or in the future and they make DNSSEC trust manageable. It's not as if there is or even could be some sort of shortage in available names that can be used, especially when subdomains and the ability to delegate administrative boundaries are considered." Could we make the last sentence stronger, perhaps with a statement like this from the US CERT WPAD Name Collision Vulnerability alert dated May 23, 2016? "Globally unique names do prevent any possibility of collision at the present or in the future and they make DNSSEC trust manageable. Consider using a registered and fully qualified domain name (FQDN) from global DNS as the root for enterprise and other internal namespaces." https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.us-cert.gov%2Fncas%2Falerts%2FTA16-144A&data=02%7C01%7Clinda.dunbar%40futurewei.com%7Cc4a7c2f2e85741d5b8a308d7c5e8eef1%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C1%7C637195476559397274&sdata=vBnDcnkZ8Zsk7MT610GQOsRQVt7G%2BLscbvwiDWXX%2Fvc%3D&reserved=0 The alert actually says "other internal namespace", but I think that's a typo. Scott _______________________________________________ rtgwg mailing list [email protected] https://www.ietf.org/mailman/listinfo/rtgwg
