To: Edward Lewis <lewis@tislabs.com>
cc: dnssec@cafax.se
From: Jaap Akkerhuis <jaap@sidn.nl>
Date: Sun, 06 May 2001 20:43:18 +0200
Delivery-Date: Sun May 6 20:52:38 2001
In-reply-to: Your message of Sat, 05 May 2001 00:13:42 -0400. <v03130302b7192db2ef06@[207.172.148.118]>
Sender: owner-dnssec@cafax.se
Subject: Re: Traveling, time for a discussion

> To cut to the chase, I'm departing for a DNSSEC meeting in Malmo in about
> 18 hours. So it's time somebody starts a meaty thread. ;)

Just back from my traveling, I haven't seen anybody bite yet.

> Here's a suggested topic - is the NO RR better than the NXT RR
> be enough to make us want to switch to it? (Or has there
> already been consensus on this and I just missed it.)

As far as I remember, at the Minnie IETF meeting, it was proposed that
the NO RR draft should probably take the experimental route for the time
being since there is hardly any experience with the NXT either. And if I
recall correctly, this was the consensus.
I decided to check the preliminary minutes. They state:
NO record: Simon Josefsson OG: Simon is not here. Minor
discussion on this on the mailing list, which is interesting,
because this is a big question in front of us. NO has
certain properties that some people and organizations don't
like. NXT is disliked, NO is not as universally disliked.
Main argument against changing is we have some experience
with NXT and no chance for interoperability with NO any time
soon. The question in front of the working group is to
- Go with NO,
- go with NXT,
- drop authenticated denial completely?
Lively discussion resulted, pointing out that even if NO
sucks less than NXT the cost of deploying it is higher (no
software, longer names) and there is no real experience
either way. Rob Austein proposed that the working group
try on the mailing list to come to a consensus on if
authenticated denial is needed. Some questions if NO should
be published as experimental, and there is support for that
and to try to get some operational measures on how NXT and
NO compare.
Looks like my memory didn't fail me this time. I assume that the
mailing list mentioned here is actually the dns-ext one (namedroppers),
not this one (dnssec).
jaap