On 15 Sep 2017, at 14:44, Stephen Farrell wrote:
On 15/09/17 20:25, Ted Hardie wrote:
This set of questions is pretty different from the ones you get with
"function over different paths", because the locus of control moves
from
the mostly-trusted browser to the mostly not trusted downloaded
application.
FWIW, I share Ted's concerns about origins. Regardless
of what approaches are taken, the effects of this need
to be well understood I think. I don't object to the WG
being chartered though but would suggest that there be
a mention in the charter that the WG needs to document
the consequences, including the dangers, of caching and
re-use of DNS answers for likely implementations.
The charter already points to the document that the work will be based
on, which has that topic in it, because *you* pointed it out in the
earlier discussion of the document. As co-author on the document, I
assure you we will not remove it, if for no other reason than I wouldn't
want to face your wrath again in IETF Last Call. :-)
I'd be even happier if the resulting spec had a bunch
of MUST NOT statements about that, if such statements
were likely to be effective.
All MUST NOTs are only partially effective, but we use them anyway to
help good implementers. If you have some proposed MUST NOTs on the
current document, by all means send them in.
--Paul Hoffman