Re: [art] [dbound] [DNSOP] Related Domains By DNS (RDBD) Draft

David Conrad <drc@virtualized.org> Wed, 27 February 2019 17:23 UTC

From: David Conrad <drc@virtualized.org>
In-Reply-To: <f14544d37a774907a7cc76ab5bdb8b72@PACDCEX19.cable.comcast.com>
Date: Wed, 27 Feb 2019 18:23:22 +0100
Cc: Paul Wouters <paul@nohats.ca>, "art@ietf.org" <art@ietf.org>, "dnsop@ietf.org" <dnsop@ietf.org>, "dbound@ietf.org" <dbound@ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Message-Id: <3E32ABA2-6E8E-4E92-A5FB-F194CFC62A5D@virtualized.org>
References: <5de9ba1c3ae34edb9c7f39e0e9c3b143@PACDCEX19.cable.comcast.com> <alpine.LRH.2.21.1902270920580.8896@bofh.nohats.ca> <f14544d37a774907a7cc76ab5bdb8b72@PACDCEX19.cable.comcast.com>
To: "Brotman, Alexander" <Alexander_Brotman@comcast.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/art/-kytuS6HFboGs2eXRfvfm4WtUCc>
Subject: Re: [art] [dbound] [DNSOP] Related Domains By DNS (RDBD) Draft

Alexander,

On Feb 27, 2019, at 4:32 PM, Brotman, Alexander <Alexander_Brotman@comcast.com> wrote:
> I'm supportive of doing this in other ways, but also understand that DNSSEC is not widely deployed.

There is a difference between not being deployed and not being turned on.  My impression is that most DNS servers these days support DNSSEC; however, it has largely not been enabled.  If you are going to be putting stuff into the DNS for security decisions, you need to protect that stuff and that means turning on DNSSEC.

Regards,
-drc