[dns-operations] TLSA records on MX
James Cloos
cloos at jhcloos.com
Tue Jun 11 23:11:39 UTC 2013
>>>>> "DB" == Doug Barton <dougb at dougbarton.us> writes:
DB> IMO the "main" draft could use a little more clarity, including some
DB> more examples, and personally I would incorporate the MX text in the
DB> same draft. It's true that the MX and SRV cases are distinct, but
DB> they're not _that_ different.
Didn't Tony do that, in a later draft?
DB> I'm having trouble understanding what the utility of TLSA records
DB> would be in the absence of DNSSEC.
IIRC, Tony's draft intended the non-dnssec recomendations also to skip
tlsa records.
As for tlsa w/o dnssec, that were some discussions early on here re-
questing that dane support what we now call tlsa type 0 w/o dnssec, on
the grounds that it still could be useful. My recollection is that the
final consensus rejected that. But I don't have time to re-read things
now, lest my dinner overcook. :)
-JimC
--
James Cloos <cloos at jhcloos.com> OpenPGP: 1024D/ED7DAEA6
More information about the dns-operations
mailing list