[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Cfrg] Re: [saag] Algorithm upgrades
In message <C6DDA43B91BFDA49AA2F1E473732113E010BECF3 at mou1wnexm05.vcorp.ad.vrsn.
com>, "Hallam-Baker, Phillip" writes:
>
>What we need is a policy layer for the whole application protocol layer
>stack. It should not be part of the individual protocols, it should be part
>of the DNS.
>
I'm very far from convinced that a single policy layer is feasible or
even desirable -- policies for individual applications will vary too
much. That said, I'm 100% certain that putting anything like policies
into the DNS is a bad idea. The discussion in RFC 3445 outlines some
reasons why this is a bad idea; I could go on about this at great
length, but this is probably the wrong forum for that discussion.
--Steve Bellovin, http://www.research.att.com/~smb
_______________________________________________
Cfrg mailing list
Cfrg at ietf.org
https://www1.ietf.org/mailman/listinfo/cfrg