ietf-wg-drip / draft-ietf-drip-registries


Comments from Paul Wouters to check in the context of registries #4

Open boucadair opened 2 years ago

boucadair commented 2 years ago

1

Note that if the zone hhit.arpa is ultimately used, some registrar will need to manage this for all HHIT applications.

Regardless of what zone is used, someone needs to keep it operational. It might be an attractive target to attack, e.g., to try and avoid drones being shut down. I would feel much better if this zone was optional, not mandatory. (But if optional, one could also argue maybe not have it at all?)

If the HHITs cannot be looked up with services provided by the registrar identified via the embedded hierarchical information or its registration validated by registration attestations messages [drip-authentication], then the HHIT is either fraudulent or revoked/expired.

That's quite catastrophic if there is a Registrar/Registry outage. Would all the drones get shot down, or would they all be ignored (so they can fly to their terrorism target)?

kc2rxo commented 1 year ago

This is a valid security concern I wish to bring up with the WG and discuss.

For me, this starts to slip into the enforcement policies of a given entity. This is something we should never make claims or recommendations to.

However, it may be best to have something in the security section that gives the possible scenarios that an entity wishing to write legislation for enforcement can cite and build from. We can try to be as thorough as possible here.