--On Wednesday, February 25, 2015 22:18 -0500 Sam Hartman
<hartmans-ietf(_at_)mit(_dot_)edu> wrote:
John> I think the rest is a bit of a judgment call. While
I'd be John> happy to see a comprehensive document that
would address all John> of those issues, I would also like
to get a good description John> of the RRTYPE published
somewhere soon, ideally a couple of John> years ago. It
seems to me that making a complete analysis of John>
security alternatives, or a complete analysis of the URI
John> situation as it relates to this RRTYPE, much less both
are John> likely to be a _lot_ of effort and that, if we
want to get the John> document published, what should be
done should probably be John> confined to explicitly
noting the issues, e.g., that any John> indirection
through the DNS raises security issues that need John>
careful understanding and for which there is no magic bullet.
I'm happy with an informational document that does the above
and claims only to describe the existing RR type.
I'm not happy with a standards-track document that fails to
cover the security issues in significantly better detail.
I'm inclined to be a little more flexible, but certainly a
choice between a narrowly-written Informational document and a
comprehensive Standards-track one -- with "comprehensive"
including careful discussion of both security considerations and
relationships to other alternatives -- would be my first
preference.
The current I-D is none of the above. Instead, it is a mixture
of description of a new RRTYPE with an update to an existing
RRTYPE and weak coverage of relationships, alternatives,
security, and other tradeoffs.
john