On 24 Feb 2015, at 18:32, Sam Hartman <hartmans-ietf(_at_)mit(_dot_)edu>
wrote:
Victor is correct. This draft introduces indirection through DNS.
Typically in the past when we've done indirection through DNS, we've not
changed the expected security principal that we're targeting.
It's that change that significantly changes the security model.
It is not new with this draft and URI, it is done for example with SRV, and
also MX.
That said, it is an important discussion to have, and I have waited for the DNS
and Applications Community to talk about it.
Patrik
signature.asc
Description: Message signed with OpenPGP using GPGMail