W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2017

affiliated domains: DNS Administrative Boundaries

From: =JeffH <Jeff.Hodges@KingsMountain.com>
Date: Mon, 6 Nov 2017 14:33:39 -0800
To: W3C WebAppSec WG <public-webappsec@w3.org>
Message-ID: <e84432ec-4b57-c6be-d3ee-9e2be54384f6@KingsMountain.com>
wrt affiliated domains, there has been thought on the problem over the 
past few years.

For example, here is the problem statement draft from the (stillborn, 
unfortunately) IETF DBound working group:

   DBOUND: DNS Administrative Boundaries Problem Statement

Additionally, Andrew Sullivan and I propose this resolution approach:

   Asserting DNS Administrative Boundaries Within DNS Zones

The DBound working group folded (IMHO) due to gridlock, lack of a 
dedicated champion(s) to consistently drive the process, and lack of 
browser vendor interest. Essentially, this is a tough, 
subtle-but-important problem which does not have to be solved _today_. 
I.e., the present approach is "good enough (for now)". However, this 
problem  may be becoming more immediately salient?


Received on Monday, 6 November 2017 22:34:21 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:55:02 UTC