Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-negative-trust-anchors

2015-05-09 Thread Evan Hunt
On Sat, May 09, 2015 at 03:08:11PM +0200, Warren Kumari wrote: > "It is RECOMMENDED that implementations warn operators (or treat as an > error) if they attempt to add an NTA for a domain that has a > configured positive trust anchor." You still need to say what happens if the implementation decid

Re: [DNSOP] Interim DNSOP WG meeting on Special Use Names: some reading material

2015-05-09 Thread Edward Lewis
On 5/9/15, 18:27, "John Levine" wrote: >>Besides Paul's valid "what if it's 100,000?", how does an engineer >>distinguish between 100x people and 100x organized bots? > >I dunno. How do we know that the traffic for .corp and .home is from >people rather than botnets? Through forensic analysis.

Re: [DNSOP] Interim DNSOP WG meeting on Special Use Names: some reading material

2015-05-09 Thread John Levine
>Besides Paul's valid "what if it's 100,000?", how does an engineer >distinguish between 100x people and 100x organized bots? I dunno. How do we know that the traffic for .corp and .home is from people rather than botnets? >If there is a group of people using an identifier as you describe, then

Re: [DNSOP] Interim DNSOP WG meeting on Special Use Names: some reading material

2015-05-09 Thread Ted Lemon
On May 8, 2015, at 7:10 PM, Suzanne Woolf wrote: > > I share David’s reservations about this— how do we objectively and > reproducibly distinguish “people are using these in private networks” from > “people are generating arbitrary traffic to the roots for these”? I think doing so would be a f

Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-negative-trust-anchors

2015-05-09 Thread Paul Hoffman
On May 9, 2015, at 6:08 AM, Warren Kumari wrote: >> Two more related points: >> >> 1. In my very original comment on this matter: >> www.ietf.org/mail-archive/web/dnsop/current/msg12614.html >> I noted one other corner case, which we might also want to clarify: >> On a related note, there

Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-negative-trust-anchors

2015-05-09 Thread Paul Hoffman
On May 9, 2015, at 6:07 AM, Warren Kumari wrote: >> In Section 2, there should be a new paragraph after the first paragraph that >> describes why the "reasonable attempt" in the first paragraph is needed to >> determine whether the attacker has partial control of the zone, or is just >> mountin

Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-negative-trust-anchors

2015-05-09 Thread Warren Kumari
On Wed, May 6, 2015 at 6:51 PM, 神明達哉 wrote: > At Tue, 5 May 2015 17:06:04 -0400, > Warren Kumari wrote: > >> ... and now I'm replying to the rest of the comments. > > Thanks, I've confirmed that my major and minor points are addressed in > the 05 version. So I'm now basically fine with shipping

Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-negative-trust-anchors

2015-05-09 Thread Warren Kumari
On Wed, May 6, 2015 at 5:08 PM, Dan York wrote: > Warren and Tim, > > I support the publishing of this document subject to incorporating the > various comments I’ve seen here on that list. I had a couple of specific > points but they seem to have been covered by others, so… > > On May 6, 2015, at

Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-negative-trust-anchors

2015-05-09 Thread Warren Kumari
On Wed, May 6, 2015 at 3:33 PM, Rose, Scott W. wrote: > I think the draft is just about ready for publication as well. > > On May 5, 2015, at 5:53 PM, Paul Hoffman wrote: > >> This document has progressed very well and is nearly ready for publication. >> >> Related to an earlier thread about inte

Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-negative-trust-anchors

2015-05-09 Thread Warren Kumari
[ Top post ] Integrating these -- 'parently I'm processing emails out of order... Thank you for your comments, I've integrated them and will post a new version soon (planning on incorporating some of Jinmei's comments before posting). On Tue, May 5, 2015 at 5:53 PM, Paul Hoffman wrote: > This d

[DNSOP] I-D Action: draft-ietf-dnsop-negative-trust-anchors-07.txt

2015-05-09 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Domain Name System Operations Working Group of the IETF.
Title : Definition and Use of DNSSEC Negative Trust Anchors
Authors : Paul Ebersman

Re: [DNSOP] Interim DNSOP WG meeting on Special Use Names: some reading material

2015-05-09 Thread Edward Lewis
On 5/7/15, 11:41, "John Levine" wrote: >ICANN has a whole bunch of rules that mandate that once you've paid >the $185,000, you have to deploy a DNSSEC signed zone on multiple >servers, implement elaborate reservation and trademark claiming rules, >takedown processes, WHOIS servers, and so forth.

Re: [DNSOP] Interim DNSOP WG meeting on Special Use Names: some reading material

2015-05-09 Thread Edward Lewis
Playing "devil's advocate" (http://en.wikipedia.org/wiki/Devil%27s_advocate): On 5/9/15, 3:54, "John R Levine" wrote: >Let's say we found that there's some online thing we never heard of >before, but it turns out that 100,000,000 people in India and China use >it, it uses private names in .SECR

Re: [DNSOP] Interim DNSOP WG meeting on Special Use Names: some reading material

2015-05-09 Thread Edward Lewis
On 5/9/15, 1:10, "Suzanne Woolf" wrote: >I share David’s reservations about this— how do we objectively and >reproducibly distinguish “people are using these in private networks” >from “people are generating arbitrary traffic to the roots for these”? One good characterization of the technical pr

Re: [DNSOP] I-D Action: draft-ietf-dnsop-negative-trust-anchors-05.txt

2015-05-09 Thread Warren Kumari
On Fri, May 8, 2015 at 2:41 AM, Warren Kumari wrote: > [ Top post ] > > Thanks for all the comments. I've integrated most of them (need > additional text for one), and am posting a new version with the > changes. > > Comments inline. > > On Wed, May 6, 2015 at 8:37 AM, Tony Finch wrote: >> I have