Re: [DNSOP] Alternative Special-Use TLD problem statement draft

["Adrien de Croy" <adrien@qbik.com>]

------ Original Message ------
From: "Stephane Bortzmeyer" <bortzmeyer@nic.fr>
To: "Adrien de Croy" <adrien@qbik.com>
Cc: "Philip Homburg" <pch-dnsop@u-1.phicoh.com>; "dnsop@ietf.org" 
<dnsop@ietf.org>
Sent: 8/04/2016 12:35:32 a.m.
Subject: Re: [DNSOP] Alternative Special-Use TLD problem statement draft

>On Wed, Apr 06, 2016 at 08:48:19PM +0000,
>  Adrien de Croy <adrien@qbik.com> wrote
>  a message of 73 lines which said:
>
>>  so therefore the DNS namespace has to be perverted.
>
>>From the discussion at the IETF plenary yesterday evening, I got the
>feeling that IETF 100 in Singapore will be clean of perversions :-)
>
>>  And when I see arguments like the IETF should assign root names so
>>  that organisations who can't afford lawyers
>
>Such organisations should not be allowed to exist, I agree.
I didn't say or imply that - only that they should not be privileged 
compared with everyone else when it comes to getting names reserved in 
the domain name space.


>
>>  I think the security implications of a resolver checking some
>>  internet source for a machine readable list of the latest special
>>  use names have not even been considered,
>
>There is today, unfortunately, no such list. Should it exist in
>6761-bis, I'm fairly certain the authors would add in the Security
>Considerations section that the list must be authenticated (for
>instance HTTPS to IANA with a thorough certificate check). It is not
>different than the retrieval of the DNS root key.
And maybe it will be the first protocol ever to not suffer from 
unexpected security consequences.

Adrien

>
>
>_______________________________________________
>DNSOP mailing list
>DNSOP@ietf.org
>https://www.ietf.org/mailman/listinfo/dnsop