Re: (short version) Re: Last Call: <draft-faltstrom-uri-10.txt> (The Uniform Resource Identifier (URI) DNS Resource Record) to Proposed Standard

[John C Klensin <john-ietf@jck.com>]

--On Wednesday, February 25, 2015 22:18 -0500 Sam Hartman
<hartmans-ietf@mit.edu> wrote:

>     John> I think the rest is a bit of a judgment call.  While
> I'd be     John> happy to see a comprehensive document that
> would address all     John> of those issues, I would also like
> to get a good description     John> of the RRTYPE published
> somewhere soon, ideally a couple of     John> years ago.  It
> seems to me that making a complete analysis of     John>
> security alternatives, or a complete analysis of the URI
> John> situation as it relates to this RRTYPE, much less both
> are     John> likely to be a _lot_ of effort and that, if we
> want to get the     John> document published, what should be
> done should probably be     John> confined to explicitly
> noting the issues, e.g., that any     John> indirection
> through the DNS raises security issues that need     John>
> careful understanding and for which there is no magic bullet.
> 
> I'm happy with an informational document that does the above
> and claims only to describe the existing RR type.
> I'm not happy with a standards-track document that fails to
> cover the security issues in significantly better detail.

I'm inclined to be a little more flexible, but certainly a
choice between a narrowly-written Informational document and a
comprehensive Standards-track one -- with "comprehensive"
including careful discussion of both security considerations and
relationships to other alternatives -- would be my first
preference.

The current I-D is none of the above.  Instead, it is a mixture
of description of a new RRTYPE with an update to an existing
RRTYPE and weak coverage of relationships, alternatives,
security, and other tradeoffs.

   john