Mike Bishop has entered the following ballot position for draft-ietf-dnsop-cds-consistency-09: Discuss
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-dnsop-cds-consistency/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- Thanks for the work on this draft. I have one DISCUSS point that I think will help improve the draft and is (hopefully) easily addressed. In Section 3.2, we see the following text: > CSYNC-based updates may cause validation or even insecure resolution to break (e.g., by changing the delegation to a set of nameservers that do not serve required DNSKEY records or do not know the zone at all). Parental Agents SHOULD check that CSYNC-based updates, if applied, do not break the delegation. Is there a definition of how the Parental Agent "check[s] that ... updates ... do not break the delegation"? I would have expected a more concrete instruction here, such as repeating the same queries on the proposed delegation targets and ensuring that they, too, return records consistent with what was found on the existing nameservers. Perhaps this already exists somewhere and a reference is sufficient? ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- One nit in the Abstract: "parent-side entities has to" => "parent-side entities are required to" or "the parent-side entity is required to" _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
