Re: [Last-Call] Dnsdir last call review of draft-ietf-cdni-delegation-acme-03

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Vladimír,

In the latest version that was just posted, we've added the following to clarify the situation regarding DNS:
"Note: The delegation object defined in Section 2.3.1.3 of [RFC9115] only allows to specify DNS mappings using CNAME RRs. A future document updating  [RFC9115] could expand the delegation object to also include SVCB/HTTPS-based [RFC9460] mappings."

Thank you,
Regards,
Frederic

Orange Restricted

De : FIEAU Frédéric INNOV/NET
Envoyé : mardi 7 novembre 2023 14:57
À : dnsdir@xxxxxxxx <dnsdir@xxxxxxxx>
Cc : cdni@xxxxxxxx <cdni@xxxxxxxx>; draft-ietf-cdni-delegation-acme.all@xxxxxxxx <draft-ietf-cdni-delegation-acme.all@xxxxxxxx>; last-call@xxxxxxxx <last-call@xxxxxxxx>
Objet : RE: Dnsdir last call review of draft-ietf-cdni-delegation-acme-03
 
Hi,

Thank you for the review. I've noted your comments. AFAIK, there is indeed no impacts on DNS aspects.

Regards,
Frederic


Orange Restricted

-----Message d'origine-----
De : Vladimír Čunát via Datatracker <noreply@xxxxxxxx>
Envoyé : jeudi 12 octobre 2023 16:36
À : dnsdir@xxxxxxxx
Cc : cdni@xxxxxxxx; draft-ietf-cdni-delegation-acme.all@xxxxxxxx; last-call@xxxxxxxx
Objet : Dnsdir last call review of draft-ietf-cdni-delegation-acme-03

Reviewer: Vladimír Čunát
Review result: Ready

So, dnsdir assigned me reviewing this draft, but I basically failed to find DNS in it :-)  And I'm afraid I don't know ACME well, so I'm marking this draft as "Ready" just not to block it on DNS.  Maybe I've just missed it, so point me to the DNS aspects, please.

Still, let me at least comment around this DNS redirection.  The parent RFC
9115 only considers CNAMEs, at a glance.  It feels like for future the SVCB/HTTPS records should be considered a well (in a different draft/RFC).
They were designed with modern web CDN needs in mind, and among other features they support "redirecting" a zone apex, which seems practically important.  For a trivial example, you can't put a CNAME at example.com, only at BLOCKEDexample[.]comBLOCKED

[SVCB/HTTPS] https://eur03.safelinks.protection.outlook.com/?url="">


____________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.
-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux