Re: [DNSOP] I-D Action: draft-ietf-dnsop-serve-stale-00.txt

神明達哉 wrote: At Thu, 16 Nov 2017 22:02:33 -0800, Paul Vixie wrote: https://mailarchive.ietf.org/arch/msg/dnsop/zRuuXkwmklMHFvl_Qqzn2N0SOGY/?qid=ff8e732c964b76fed3bbf333b89b111f ...i wrote: therefore a "serve stale" team within IETF-DNSOP was convened, to try to

[DNSOP] Error handling in CAA

In the SPASM group, we are refining CAA (RFC 6844) based on the changes that were needed in order to get it passed at the CA/Browser Forum. There's one sticky bit in particular I'd like input on. Here's the current language in the BRs:

Re: [DNSOP] I-D Action: draft-ietf-dnsop-serve-stale-00.txt

At Thu, 16 Nov 2017 22:02:33 -0800, Paul Vixie wrote: > > Realistically, I expect virtually everyone will implement 3, given how > > this kind of feature is sold in the marketing context. ,,, > > me too. that's why, in: > >

Re: [DNSOP] I-D Action: draft-huston-kskroll-sentinel-04.txt

On Wed, Nov 15, 2017 at 1:38 AM, Warren Kumari wrote: > On Wed, Nov 15, 2017 at 9:45 AM, Joe Abley wrote: > > Hi Bob, > > > > On Nov 15, 2017, at 00:23, Bob Harold wrote: > > > > If I have to add those entries to each zone, I worry

Re: [DNSOP] 5011-security-considerations and the safetyMargin

1 something. I also believe it should scale as to the size of the subscription base in some way. Basically, this should answer the question of “ given a set of subscribers of size N, a per request failure rate of f, a retry time of R, how long do you have to wait until P% of the subscribers