Re: Self-service tooling requires fine-grained authz -- it's NOT about the application protocol (was Re: (internal) DNS dysfunction is enterprise settings)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 3/11/19 11:48 PM, Nico Williams wrote:

There are several problems, some of which are interrelated.   I am not
insistent that any of them be fixed by protocol changes, though I suspect
that some changes and/or new protocol work would be desirable.  I also
suspect that some new tooling is desirable.   I also suspect that some
policy changes might be appropriate.   And perhaps some operational
recommendations.
The IETF doesn't build tooling.  Just protocols (and APIs, though some
will nay-say that in 3, 2, ...).

I don't think it should be forbidden to discuss problems observed with DNS and to try to understand which measures would effectively address those problems, even while understanding we're not going to produce all of those fixes within IETF.   For those parts of the solution which we'd normally consider beyond our scope, documenting what we think those parts might look like could still be a valuable contribution.   And IETF people know people who can get some of these things done.

The alternative is for IETF to erect a "somebody else's problem" field and hope that the problem will disappear.  That's what we've often done, but I don't think it works well.

Keith





[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux