On 4/12/21 4:18 PM, Nico Williams wrote:
On Mon, Apr 12, 2021 at 03:43:31PM -0700, Michael Thomas wrote:
The one thing that bugs me about DANE is its use of a native RR type. This
is a well trodden argument of doing it proper and doing it in a deployable
way. We know what happens when you do it the "right way" which is usually
nothing at all. If it started to get popular, we could gin up a TXT record
alternative though, I suppose. When we were doing DKIM at Cisco, our IT
folks were incredibly accommodating, but implementing a new RR type in their
infrastructure would have probably been a bridge too far. Heck, I wouldn't
be surprised if Mark at Y! got told the same thing :)
Hmm, well, as they say, "new RR types are cheap", though more
importantly document authors get forced to use new RR types rather than
use TXT RRs. But tooling for hosting sites and such is a problem, yes,
even if it isn't for servers and clients. But this is water under the
bridge now. And if anything, the IETF is tripling down on more new RR
types.
Maybe somebody should take score of the new RR's vs. deployment. Data is
our friend.
Mike