Comments from Paul Wouters to check in the context of registries #4

Open
boucadair opened this issue Jun 30, 2022 · 1 comment

boucadair commented Jun 30, 2022

#1

Note that if the zone hhit.arpa is ultimately used, some registrar will need to manage this for all HHIT applications.

Regardless of what zone is used, someone needs to keep it operational. It might be an attractive target to attack, e.g. to try and avoid drones being shut down. I would feel much better if this zone was optional, not mandatory. (but if optional, one could also argue maybe not have it at all?)

If the HHITs cannot be looked up with services provided by the registrar identified via the embedded hierarchical information or its registration validated by registration attestations messages [drip-authentication], then the HHIT is either fraudulent or revoked/expired.

That's quite catastrophic if there is a Registrar/Registry outage. Would all the drones get shot down or would they all be ignored (so they can fly to their terrorism target)?


kc2rxo commented Feb 21, 2023

This is a valid security concern I wish to bring up with the WG and discuss.

For me, this starts to slip into the enforcement policies of a given entity. This is something we should never make claims or recommendations to.

However, it may be best to have something in the security section that gives the possible scenarios that an entity wishing to write legislation for enforcement can cite and build from. We can try to be as thorough as possible here.
