Hi,
I am neutral to this draft, but I expect it will progress so have some nits
nonetheless.
# Section 2
- "GHOST domain attacks" is undefined (references are given only later)
- also, subsequent sentence has superfluous comma
# Section 4
CURRENT
be sub-optimal for upgrading NS RRset credibility.. An implementation
MAY limit revalidation to delegations that cross administrative
boundaries such as anywhere in ".ip6.arpa" and ".in-addr.arpa" as
well as any so-called "public suffix" such as the root zone, top
level zones such as ".com" or ".net", and effective top level zones
such as ".ad.jp" or ".co.uk".
- I find the assertions about administrative boundaries somewhat confusing (especially, I
don't see why subdelegations "anywhere" in the reverse space should be crossing
administrative boundaries), nor is it clear what administrative boundaries have to do
with the technical recommendation. -- Isn't this rather about limiting revalidation to
delegations where a reliably managed child-side NS RRset is expected to be present? Then
I guess we can say that for the root, for the public suffixes, and (mostly) for all of
.arpa. If that was the point, perhaps say that :)
- In any case, I don't think the root is considered a public suffix.
- also, preceding sentence has superfluous period
# Section 6.1/6.2 inconsistencies:
- 6.1 says "RECOMMENDED" vs 6.2 says "may consider"
- *strict* vs _strict_ / _opportunistic_
Peter
On 11/2/25 14:32, Benno Overeinder wrote:
Hi all,
The draft draft-ietf-dnsop-ns-revalidation had its first Working Group Last
Call (WGLC) in March 2025. Based on the feedback received during that period,
the chairs concluded that the document needed to be revised to incorporate the
working group's input before proceeding.
A new revision of the draft was published in October 2025, and the we are now
inviting the DNSOP working group to review the updated document as part of a
second WGLC.
This starts a Working Group Last Call for draft-ietf-dnsop-ns-revalidation
"Delegation Revalidation by DNS Resolvers"
Current version of the draft is available here:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-ns-revalidation/
The Current Intended Status of this document is: Proposed Standard
Please review the draft and offer relevant comments.
For WGLC, we need positive support and constructive comments; lack of objection
is not enough.
So if you think this draft should be published as an RFC, please say so.
If you feel the document is *not* ready for publication, please speak out with
your reasons.
This starts a two week Working Group Last Call process, and ends on: November
17, 2025
Thanks,
Benno and Ondrej
_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]
--
Like our community service? 💛
Please consider donating at
https://desec.io/
deSEC e.V.
Möckernstraße 74
10965 Berlin
Germany
Vorstandsvorsitz: Nils Wisiol
Registergericht: AG Berlin (Charlottenburg) VR 37525
_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]
