- From: Florian Weimer <fw@deneb.enyo.de>
- Date: Tue, 10 Jun 2008 21:18:41 +0200
- To: Brian Dickson <briand@ca.afilias.info>
- Cc: Gervase Markham <gerv@mozilla.org>, dnsop@ietf.org, David Conrad <drc@virtualized.org>, ietf-http-wg@w3.org
* Brian Dickson: > If you want grouping, there is a simple-to-code, reliable, and > authoritative way to do so. > > Zone cuts (in DNS). This is an bad idea because introducing a new zone at an existing name should really, really be transparent to the rest of the world. (Thanks to configuration options like (root-)delegation-only, this is already not true to some extent, but there's no reason to repeat past mistakes.) What's worse, bringing technical and administrative delegation into agreement requires significant changes, which are unlikely to happen. You need to take into account that this data is not just needed to make new services secure on the surface, but also to deal with fairly old protocol mishaps.
Received on Tuesday, 10 June 2008 19:19:55 UTC