[NCAP-Discuss] Additional comments on the comments to the Scarfone Draft
Danny McPherson
danny at tcb.net
Wed May 6 19:49:23 UTC 2020
On 2020-05-06 15:43, Jeff Schmidt via NCAP-Discuss wrote:
>> Jeff, you're the one that made noise about corp.com which largely
>> occurs
>> because of .CORP and you submitted a paper just last week saying there
>> should be more outreach. You can't have it both ways.
>
> I've never said collisions aren't a problem. I've said we understand
> them and what we (collective, royal We) have done since 2012 to
> mitigate the risks associated with adding labels to the root worked.
> If anyone wants to do this (put things in the root) again, we should
> do what we did before and expect the same, successful, results. 6
> years of history on this. What I'm concerned about is the hamster
> wheel of analysis paralysis we seem to be stuck in. See my "no bid"
> email from a year-ish ago.
Did you try CI for corp.com to mitigate the risks? Was it effective?
> You and others have analyzed the crap out of it and if there were
> evidence showing it was ineffective or dangerous it would have
> surfaced by now. Absence of evidence is not evidence of absence.
There is evidence, collisions have occurred after CI periods have ended,
no?
Further, the most virulent types of attacks are never going to be
reported.
> I've heard this argument before, but I would assert at this point that
> CI has been more widely analyzed and evaluated in real-world global
> production and "peer reviewed" much than any other theoretical,
> academic, paper-only approach.
Do you have any references?
-danny
More information about the NCAP-Discuss
mailing list