|
On 1/23/14, 12:02 AM, Sam Hartman
wrote:
* If we were doing DDS/NAPTR work today I should be able to ask whether confidentiality is a requirement and if so why DNS is an appropriate substrate. And herein lies the problem. It would depend on the record's application, and how information was released that couldn't otherwise be relatively easily gleaned. Would you find that a sufficient answer? And what if you didn't? Who should decide? Nothing stops you from asking the question now, by the way, and we're already saying that people should ask these sorts of questions and give serious consideration to the matter. And the example points to another problem. We neither have a common view of what the threat is or how best to mitigate it. Therefore, at this moment in time, how can we go any further without (a) possibly addressing the wrong threat, and (b) causing inefficient or inappropriate architectural changes? My previous sentence more than implies, by the way, that this situation is subject to change based on how we further our understanding of the issue. The draft also states that. Eliot |