Re: [arch-d] [DNSOP] Call for Comment: <draft-iab-arpa-authoritative-servers-00> (Nameservers for the Address and Routing Parameter Area ("arpa") Domain)
Tim Wicinski <tjw.ietf@gmail.com> Thu, 06 May 2021 19:43 UTC
Return-Path: <tjw.ietf@gmail.com>
X-Original-To: architecture-discuss@ietfa.amsl.com
Delivered-To: architecture-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F413C3A2E30; Thu, 6 May 2021 12:43:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZH_YKRq8ZsVI; Thu, 6 May 2021 12:43:12 -0700 (PDT)
Received: from mail-lj1-x22f.google.com (mail-lj1-x22f.google.com [IPv6:2a00:1450:4864:20::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 01D3F3A2E2E; Thu, 6 May 2021 12:43:11 -0700 (PDT)
Received: by mail-lj1-x22f.google.com with SMTP id y9so8576952ljn.6; Thu, 06 May 2021 12:43:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=kiRl9XvU4Gfvuk+vhDS8gP6qPcVv5cbW99LH76KSooI=; b=iYwLqNdTIsOqkYDnNFp2BLFOJOI4CextVtNm2Xlmv8B7s0ku/DH00SBTadRWDWmtZF A8GsZGfHj9iEXB+0F9R1cHl5K+l0mmjldN61poYa3FiLzVJB6Fpm6rAazoPe1GhTfX+0 k5s16sYZQViSaXKZI/t3FlFfSuzoeCgsBI1R8zTiWhGFjm9MS8/PiOECL7+8VIo+mqv+ LBdPrYWH4N096SspCSldu/jxoiEFGr60RaZwk0Rvvn/1vhMPPLm0TT8hPjUVRwALVmTd 1oAa+xVjOKZ7A/lb5LSTjzdN5PC07WN9Ej0GHmB5IAeKSpo01XdodsJ2VrhtvMo+vesF S7QA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=kiRl9XvU4Gfvuk+vhDS8gP6qPcVv5cbW99LH76KSooI=; b=dpbFwZEImnWhdw3814IcZo3VGdXFKqK9fef6/1Nq4VBNEJZ+KlGHR6uS2JL1Jky/5P KwH1MNDbLmr21sk1o21hrE1w4BDCqu35v9GLfnssvp82mlpfvRD0NSDxwu41S6IW1qhb 189FHe+/s6hGhDreMHrEKlCL0kLQkwG87ACFm44DLNK0R9cKDUDstZgb52czMAYAl5lE beO48l9bJFjhGB8IkK/mDrcaDSrfA8CY2zK2qUu5Jv/rTUcOpgH3JO9Ybx/593BNc9hX ZVMiPR3UFntdwDbPvroEDK/jzQbyfJewgmcf9UcCNTUnH5Gwfmy7VyztdWcp5+0eDig3 Mm/g==
X-Gm-Message-State: AOAM533nSFnaT3MkzOLJprm9nufErnUCLoPvU9LgOf33bTFImDb3nxQk Amp05dt03+LsgIBnyof4AuiG7XIkmzEPdAuPw4c=
X-Google-Smtp-Source: ABdhPJw0XaYCcJaVyKXbEC5DwehtUxseohN7ojyXr3cbNRd5yswEAIFHC4xdF6PG/RURJYNGA25UG2Rg2ONokxNg0+Y=
X-Received: by 2002:a2e:3a11:: with SMTP id h17mr4924427lja.363.1620330187628; Thu, 06 May 2021 12:43:07 -0700 (PDT)
MIME-Version: 1.0
References: <162032688379.30751.17216920147784179639@ietfa.amsl.com> <850726D3-4ED3-4D12-AB36-E386D90210D9@hopcount.ca>
In-Reply-To: <850726D3-4ED3-4D12-AB36-E386D90210D9@hopcount.ca>
From: Tim Wicinski <tjw.ietf@gmail.com>
Date: Thu, 06 May 2021 15:42:54 -0400
Message-ID: <CADyWQ+EXQVS6gTEfd+2GzaSBP4e5VpHOoXAQTd=EfuA8eDrdOA@mail.gmail.com>
To: Joe Abley <jabley@hopcount.ca>
Cc: architecture-discuss@ietf.org, iab@iab.org, dnsop <dnsop@ietf.org>, IETF Announcement List <ietf-announce@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000040a1ce05c1ae85f7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/KAKjL1v3yrEKPP3KfTWgOI7SWoY>
Subject: Re: [arch-d] [DNSOP] Call for Comment: <draft-iab-arpa-authoritative-servers-00> (Nameservers for the Address and Routing Parameter Area ("arpa") Domain)
X-BeenThere: architecture-discuss@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <architecture-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/architecture-discuss/>
List-Post: <mailto:architecture-discuss@ietf.org>
List-Help: <mailto:architecture-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 May 2021 19:43:18 -0000
(no hats) I'm glad this is moving forward. Joe's point about 5855 is valid on the naming, and the zone cuts. It's never mentioned the zone is signed, though I'm sure everyone here reading it expects it. Nit: At the top, instead of "Updates: RFC3172" it should be "Updates: 3172". tim On Thu, May 6, 2021 at 3:26 PM Joe Abley <jabley@hopcount.ca> wrote: > On 6 May 2021, at 14:48, IAB Executive Administrative Manager < > execd@iab.org> wrote: > > > This is an announcement of an IETF-wide Call for Comment on > > draft-iab-arpa-authoritative-servers-00. > > > > The document is being considered for publication as an Informational RFC > > within the IAB stream, and is available for inspection at: > > <https://datatracker.ietf.org/doc/draft-iab-arpa-authoritative-servers/> > > > > The Call for Comment will last until 2021-06-03. Please send comments to > > architecture-discuss@ietf.org and iab@iab.org. > > I have read this document. It is good to see this work proceeding. It has > been in the fridge for a long time and it's good to get it on the stove. > > I have a few minor suggestions that the authors might like to consider. > > 1. In various places the text refers variously to phrases like "root > operations" and "root server operations". I think the terminology could use > some consistency; there are differences between the management of the root > zone as a data object, its provisioning through the IANA functions operator > and the Root Zone Maintainer and serving it on nameservers operated by Root > Server Operators. If the document has things to say about this, even at a > high level, I don't think there is harm in being clear. The authors are > more aware of these differences than most other people and I don't think > they need my editorial suggestions in this regard, but if it seems like it > would be helpful to be more explicit by way of illustration I'd be happy to. > > 2. RFC 5855 which the document cites uses a naming scheme for the IP6.ARPA > servers of the form <letter>.IP6-SERVERS.ARPA, and > <letter>.IN-ADDR-SERVERS.ARPA for the IN-ADDR.ARPA servers. It seems to me > that it would do no harm to choose a scheme for ARPA of the form > <letter>.ARPA-SERVERS.ARPA for the ARPA zone; response size differences are > minimal thanks to label compression and I think the scheme is more > consistent (also with the names of the root servers). It also helps, I > think, to give the impression that these servers are intended for a single > purpose and are not general-purpose nameservers intended also to host other > zones in the future (which I think would be a mistake). > > 3. This document describes a naming scheme under NS.ARPA (but see 2, > above) without specifying whether it should be provisioned within the ARPA > zone, or in a separate zone as was specified in RFC 5855. If the practice > established in RFC 5855 (and in the root zone before it) was continued, > this would be a separate zone hosted on the same servers as ARPA. If this > ambiguity is deliberate (if it's desirable to leave this up to the whim of > the IANA functions operator) then it would be good to document why. I think > there are operational advantages to having zone cuts in the namespace, e.g. > to preserve the possibility of hosting the child zones elsewhere, perhaps > because it becomes operationally useful to sign them differently, speaking > of which: > > 4. There's no mention of whether NS.ARPA (again, see 2, above), if it is > provisioned as a separate zone, should be signed. Given the ambiguity in > (3) I think this is a gap that could usefully be filled. I think it should > be signed. > > 5. The term "in-bailiwick" feels awkward to me in the context of section > 3.1, since to me it's a term associated with response construction and what > is being discussed in that paragraph is namespace. However, since every TLD > requires glue in the root zone I think the whole of the last paragraph > could be safely removed. It's sufficient that ARPA be delegated according > to normal practices for handling TLDs, and I don't think it makes sense to > give the appearance of including special requirements for ARPA in this > document, even if today they match everything else. > > Hope this is helpful, and once again I'm glad to see this work is moving > forward. > > > Joe > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop >
- [arch-d] Call for Comment: <draft-iab-arpa-author… IAB Executive Administrative Manager
- Re: [arch-d] [DNSOP] Call for Comment: <draft-iab… Russ Housley
- Re: [arch-d] [DNSOP] Call for Comment: <draft-iab… Paul Wouters
- Re: [arch-d] [DNSOP] Call for Comment: <draft-iab… Eliot Lear
- Re: [arch-d] [DNSOP] Call for Comment: <draft-iab… Joe Abley
- Re: [arch-d] [DNSOP] Call for Comment: <draft-iab… Tim Wicinski
- Re: [arch-d] [DNSOP] Call for Comment: <draft-iab… Warren Kumari
- Re: [arch-d] Call for Comment: <draft-iab-arpa-au… Yasuhiro Orange Morishita