Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-dnsop-svcb-https-12> for your review
Erik Nygren <nygren@gmail.com> Sun, 15 October 2023 13:45 UTC
Return-Path: <nygren@gmail.com>
X-Original-To: auth48archive@ietfa.amsl.com
Delivered-To: auth48archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8AF8CC14CF1E; Sun, 15 Oct 2023 06:45:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xrMmOkoDLxbO; Sun, 15 Oct 2023 06:45:34 -0700 (PDT)
Received: from mail-wr1-x42d.google.com (mail-wr1-x42d.google.com [IPv6:2a00:1450:4864:20::42d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B165C14CEFE; Sun, 15 Oct 2023 06:45:33 -0700 (PDT)
Received: by mail-wr1-x42d.google.com with SMTP id ffacd0b85a97d-32d9cb5e0fcso1953102f8f.0; Sun, 15 Oct 2023 06:45:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697377531; x=1697982331; darn=rfc-editor.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=XVMds+vjbopWK7oLJ7fLQ1xQiAWD/W+JQ7ViP3F0PUw=; b=hgOUrBJVpvVNWfWGIJ/WlCR7fjgiBHxC9sEnccz0r59Q78v37/Y5IRI0awDXkw/I45 8DU1RiVvMBmWZk8Xu3jo/K2ZzXTk0cXIj8NmxvsOhCld0X3+nnU988QnaFPOOnmotsAU LCq9RM5WGwLAzRxBGjCCdLIA9pbsbimVD4uaxk9Eg7Z9RBVmYGGBcNI0ehLqOsmC2tnO MW8jjv2ukUWiinrLxgLl0TVXQtxz5SmiCWnW0NN5FdYZKRty+L8endUmBzT/BtPq2GH9 9tQuYNGdfj4wwy641KnvyGiPSBPOZQkVuPjHGDGL4zKM13UZFjNfwc+l5oinmsTnTmjp vHvw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697377531; x=1697982331; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=XVMds+vjbopWK7oLJ7fLQ1xQiAWD/W+JQ7ViP3F0PUw=; b=qSCaBrrU+x8zDW8OTzsaP3eHdG7PszufX0s/U5GBgn62vmD4ke8B7PcQTseGxiNwHP i8ozgemWABfjlOxriB9j1xuhuRyccygBYcwWbWEZITsiSFukn0e3WZFRbynjTUly86kO 6Rw94DRsmXmDF9T6efYhQMvYgEDxZrFE2fp7GfDvncwpXY/NkP6roCUYtUk2sVDwDTAX AD109BtBcHjRYzOhU9MLeXe1XLeDKTxf/F+yfs4eyj+FIb5HKfSEKdiN+UDayfTa3lpp g+bAaWWYWRsf0lvKNIoj+AZGsvFdUOVfrHtEQZ5DFwihnNFTOi+V62hfrDdv7KroyM8u yqzA==
X-Gm-Message-State: AOJu0YzOmUCk+qMu9XPkq2hebmFSG8ZqdJZQswU43ucWSuzk5Leye/QO TmMYLqjatOK2I6lYrWQ7eTG6o9gab9D1J2vj+F+6NSRL
X-Google-Smtp-Source: AGHT+IHDVW4mPU8PQ1ADAD7vBxdHuCU3X8mOLHNFX5wChTtnYEnzQkI1omVUTcC6THMS13SWrDxc/MdeGTlgt6Fi7lc=
X-Received: by 2002:a5d:644c:0:b0:32d:a80d:c8ed with SMTP id d12-20020a5d644c000000b0032da80dc8edmr2290194wrw.26.1697377530933; Sun, 15 Oct 2023 06:45:30 -0700 (PDT)
MIME-Version: 1.0
References: <20230909024843.23314E5EA7@rfcpa.amsl.com> <PH0PR22MB3102689F598B65A0549D2027DAF9A@PH0PR22MB3102.namprd22.prod.outlook.com> <E9C199B0-4A37-4D3E-862B-70C7ED633E9B@amsl.com> <PH0PR22MB3102283BB824AF4DB536E323DAC3A@PH0PR22MB3102.namprd22.prod.outlook.com> <0C007762-281B-4ED3-9962-0CC14A97C8BF@amsl.com> <PH0PR22MB310273423E2E6F9C345A282BDAC0A@PH0PR22MB3102.namprd22.prod.outlook.com> <253A4E3B-EECB-408F-8785-668E0C197C78@amsl.com> <DM6PR15MB3292FE8BD4FD2C6E39DFC5D4B3CBA@DM6PR15MB3292.namprd15.prod.outlook.com> <CAKC-DJgSLmE0p9Z5ixG3qAiRUY2dKy4pVaKkR0-fXF3q+ZdhqQ@mail.gmail.com> <5463F24A-F1B4-4F24-B658-DDAA5F2BBF3D@amsl.com> <PH0PR22MB310217B61940C8B9D9DFFBB1DAC9A@PH0PR22MB3102.namprd22.prod.outlook.com> <CAKC-DJhtLjEBi0t8nFfYn7yXi6CQVDdTRrPWPTt_AWCBMTBQZQ@mail.gmail.com> <4C20EA39-954D-4981-9057-EC0F58FA5C88@amsl.com> <CAKC-DJjVes3nQW_90VeOTSBGUf_CSFr=MQc6FbWStDdfU9EjpA@mail.gmail.com> <8000D76A-AF4F-4851-BB28-EF5FE4F3762C@amsl.com>
In-Reply-To: <8000D76A-AF4F-4851-BB28-EF5FE4F3762C@amsl.com>
From: Erik Nygren <nygren@gmail.com>
Date: Sun, 15 Oct 2023 09:45:19 -0400
Message-ID: <CAKC-DJgYt6X=JjPRo2NDjSj71PxGjjH6TUV=3O_G8VHMb3aurQ@mail.gmail.com>
To: Lynne Bartholomew <lbartholomew@amsl.com>
Cc: Ben Schwartz <bemasc@meta.com>, Mike Bishop <mbishop@evequefou.be>, "ietf@bemasc.net" <ietf@bemasc.net>, "rfc-editor@rfc-editor.org" <rfc-editor@rfc-editor.org>, "dnsop-ads@ietf.org" <dnsop-ads@ietf.org>, "dnsop-chairs@ietf.org" <dnsop-chairs@ietf.org>, "tjw.ietf@gmail.com" <tjw.ietf@gmail.com>, "auth48archive@rfc-editor.org" <auth48archive@rfc-editor.org>
Content-Type: multipart/alternative; boundary="000000000000c7f8c50607c180fe"
Archived-At: <https://mailarchive.ietf.org/arch/msg/auth48archive/gQAjDqMIOJaRnNRnn-22m-HWS1U>
Subject: Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-dnsop-svcb-https-12> for your review
X-BeenThere: auth48archive@rfc-editor.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Archiving AUTH48 exchanges between the RFC Production Center, the authors, and other related parties" <auth48archive.rfc-editor.org>
List-Unsubscribe: <https://mailman.rfc-editor.org/mailman/options/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/auth48archive/>
List-Post: <mailto:auth48archive@rfc-editor.org>
List-Help: <mailto:auth48archive-request@rfc-editor.org?subject=help>
List-Subscribe: <https://mailman.rfc-editor.org/mailman/listinfo/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Oct 2023 13:45:39 -0000
I just looked at the latest and it looks good to me. Thanks! Erik On Fri, Oct 13, 2023 at 5:53 PM Lynne Bartholomew <lbartholomew@amsl.com> wrote: > Hi, Erik, Ben, and Mike. > > Ben and Mike, we have made further updates to this document per your notes > below. > > The latest files are posted here (please refresh your browser): > > https://www.rfc-editor.org/authors/rfc9460.txt > https://www.rfc-editor.org/authors/rfc9460.pdf > https://www.rfc-editor.org/authors/rfc9460.html > https://www.rfc-editor.org/authors/rfc9460.xml > https://www.rfc-editor.org/authors/rfc9460-diff.html > https://www.rfc-editor.org/authors/rfc9460-rfcdiff.html > https://www.rfc-editor.org/authors/rfc9460-auth48diff.html > https://www.rfc-editor.org/authors/rfc9460-lastdiff.html > https://www.rfc-editor.org/authors/rfc9460-lastrfcdiff.html > > https://www.rfc-editor.org/authors/rfc9460-xmldiff1.html > https://www.rfc-editor.org/authors/rfc9460-xmldiff2.html > https://www.rfc-editor.org/authors/rfc9460-alt-diff.html > > Erik and Ben, we have noted your approvals on the AUTH48 status page. > Please note, however, that if you object to any subsequent updates to this > document you will let us know: > > https://www.rfc-editor.org/auth48/rfc9460 > > Thank you! > > RFC Editor/lb > > > On Oct 12, 2023, at 2:05 PM, Mike Bishop <mbishop@evequefou.be> wrote: > > > > I’ve finished my final read-through. These are minor issues, and > everything else looks fine. > > > > I caught a few uses of the first-person through the document. I > suggest: > > > > • Section 1.3: “Our terminology…” => “Terminology in this document…” > > > > • Section 2.3: “We term this behavior "Port Prefix Naming" and use it > in the examples throughout this document.” => “This document terms this > behavior "Port Prefix Naming" and uses it in the examples throughout.” > > > > • Appendix A: “Here, we summarize…” => “The following summarizes…” > > > > • Appendix C: “…by providing an extensible solution that solves multiple > problems we will overcome this inertia…” => “…an extensible solution that > solves multiple problems will overcome this inertia…” > > > > There is a nested parenthetical in 2.3. I suggest the following: > > > > Current: > > (Parentheses are used to ignore a line break in DNS zone-file > presentation format ([RFC1035], Section 5.1).) > > > > Proposed: > > (Parentheses are used to ignore a line break in DNS zone-file > presentation format, per Section 5.1 of [RFC1035].) > > > > On Oct 11, 2023, at 10:51 AM, Ben Schwartz <bemasc@meta.com> wrote: > > > > The caption of Figure 10 is 'An alpn Value with ...'. I believe "alpn" > should be quoted for consistency, resulting in 'An "alpn" Value with ...". > > > > Apart from that suggestion, I approve this version for publication. > > > > --Ben Schwartz > > > On Oct 11, 2023, at 10:34 AM, Erik Nygren <nygren@gmail.com> wrote: > > > > Approved from my perspective! (Assuming no objections from Mike or Ben.) > > > > Best, Erik > > > > > > On Wed, Oct 11, 2023 at 12:11 PM Lynne Bartholomew < > lbartholomew@amsl.com> wrote: > > Hi, Erik. > > > > We have updated this document per your note below. > > > > The latest files are posted here (please refresh your browser): > > > > https://www.rfc-editor.org/authors/rfc9460.txt > > https://www.rfc-editor.org/authors/rfc9460.pdf > > https://www.rfc-editor.org/authors/rfc9460.html > > https://www.rfc-editor.org/authors/rfc9460.xml > > https://www.rfc-editor.org/authors/rfc9460-diff.html > > https://www.rfc-editor.org/authors/rfc9460-rfcdiff.html > > https://www.rfc-editor.org/authors/rfc9460-auth48diff.html > > https://www.rfc-editor.org/authors/rfc9460-lastdiff.html > > https://www.rfc-editor.org/authors/rfc9460-lastrfcdiff.html > > > > https://www.rfc-editor.org/authors/rfc9460-xmldiff1.html > > https://www.rfc-editor.org/authors/rfc9460-xmldiff2.html > > https://www.rfc-editor.org/authors/rfc9460-alt-diff.html > > > > We will wait to hear from your coauthors regarding any subsequent > changes before noting anyone's approval. > > > > Thank you! > > > > RFC Editor/lb > > > > > On Oct 10, 2023, at 2:13 PM, Erik Nygren <nygren@gmail.com> wrote: > > > > > > I took a final reading pass through and the only thing that jumped out > would be to change this: > > > > > > - "," and "\" characters instead of implementing the > <tt>value-list</tt> escaping > > > + "," and "\" characters in ALPN IDs instead of implementing the > <tt>value-list</tt> escaping > > > > > > The current text is ambiguous as to whether those characters are > prohibited in ALPN IDs or prohibited in value-list. > > > It is clear that the intent is for them to only be prohibited in ALPN > IDs so that value-list can contain commas, > > > but inserting the "in ALPN IDs" would reduce risk of misreading. > > > Everything else looks good. > > > > > > I believe Mike and Ben are making similar read-throughs. > > > > > > Thanks, Erik > > > > > > > > > > > > > > > > > > On Fri, Oct 6, 2023 at 4:30 PM Mike Bishop <mbishop@evequefou.be> > wrote: > > > Ben proposed this text on GitHub: > > > > > > In this document, this algorithm is referred to as "character-string > decoding", because > > > <xref target="RFC1035" sectionFormat="of" section="5.1"/> uses this > > > algorithm to produce a <tt><character-string></tt>. > > > > > > (And a corresponding "the allowed input" => "some allowed inputs".) > > > > > > The attached XML incorporates this proposal, if that works for > everyone. > > > > > > -----Original Message----- > > > From: Lynne Bartholomew <lbartholomew@amsl.com> > > > Sent: Thursday, October 5, 2023 12:32 PM > > > To: Erik Nygren <erik+ietf@nygren.org>; Ben Schwartz <bemasc@meta.com> > > > Cc: Mike Bishop <mbishop@evequefou.be>; ietf@bemasc.net; > rfc-editor@rfc-editor.org; dnsop-ads@ietf.org; dnsop-chairs@ietf.org; > tjw.ietf@gmail.com; auth48archive@rfc-editor.org > > > Subject: Re: AUTH48: RFC-to-be 9460 <draft-ietf-dnsop-svcb-https-12> > for your review > > > > > > Hi, Erik and Ben. > > > > > > Erik, thank you for the suggestion. Ben, is Erik's suggestion > acceptable, and may we update accordingly? > > > > > > Thank you! > > > > > > RFC Editor/lb > > > > > > > On Oct 5, 2023, at 6:12 AM, Erik Nygren <erik+ietf@nygren.org> > wrote: > > > > > > > > What about "described in" (instead of just "in" or "per") ? > > > > So: > > > > > > > > -it is used to produce a <tt><character-string></tt> in > > > > +it is used to produce the <tt><character-string></tt> > described in > > > > > > > > ? > > > > > > > > On Wed, Oct 4, 2023 at 11:58 AM Ben Schwartz <bemasc@meta.com> > wrote: > > > > Re: "We made the additional update (changed "in" to "per") per your > note for 1) below." > > > > > > > > I think we need to give that section another look. I believe that > "per" may not be correct here. > > > > > > > > --Ben Schwartz > > > > > > > > From: Lynne Bartholomew <lbartholomew@amsl.com> > > > > Sent: Tuesday, October 3, 2023 12:29 PM > > > > To: Mike Bishop <mbishop@evequefou.be> > > > > Cc: ietf@bemasc.net <ietf@bemasc.net>; erik+ietf@nygren.org < > erik+ietf@nygren.org>; rfc-editor@rfc-editor.org < > rfc-editor@rfc-editor.org>; dnsop-ads@ietf.org <dnsop-ads@ietf.org>; > dnsop-chairs@ietf.org <dnsop-chairs@ietf.org>; tjw.ietf@gmail.com < > tjw.ietf@gmail.com>; auth48archive@rfc-editor.org < > auth48archive@rfc-editor.org> > > > > Subject: Re: AUTH48: RFC-to-be 9460 <draft-ietf-dnsop-svcb-https-12> > for your review > !-------------------------------------------------------------------| > > > > This Message Is From an External Sender > > > > > > > > |-------------------------------------------------------------------! > > > > > > > > Hi, Mike. > > > > > > > > Thank you for the latest updated XML file! > > > > > > > > We made the additional update (changed "in" to "per") per your note > for 1) below. > > > > > > > > FYI that the new line breaks in the list in Section 1.2 constitute a > bug (https://github.com/ietf-tools/xml2rfc/issues/1045). We hope that > this issue will be resolved soon. > > > > > > > > The latest files are posted here (please refresh your browser): > > > > > > > > https://www.rfc-editor.org/authors/rfc9460.txt > > > > https://www.rfc-editor.org/authors/rfc9460.pdf > > > > https://www.rfc-editor.org/authors/rfc9460.html > > > > https://www.rfc-editor.org/authors/rfc9460.xml > > > > https://www.rfc-editor.org/authors/rfc9460-diff.html > > > > https://www.rfc-editor.org/authors/rfc9460-rfcdiff.html > > > > https://www.rfc-editor.org/authors/rfc9460-auth48diff.html > > > > https://www.rfc-editor.org/authors/rfc9460-lastdiff.html > > > > https://www.rfc-editor.org/authors/rfc9460-lastrfcdiff.html > > > > > > > > https://www.rfc-editor.org/authors/rfc9460-xmldiff1.html > > > > https://www.rfc-editor.org/authors/rfc9460-xmldiff2.html > > > > https://www.rfc-editor.org/authors/rfc9460-alt-diff.html > > > > > > > > Thanks again! > > > > > > > > RFC Editor/lb > > > > > > > > > On Sep 29, 2023, at 11:52 AM, Mike Bishop <mbishop@evequefou.be> > wrote: > > > > > > > > > > 1) This is fine. > > > > > > > > > > 2) All reasonable, but we'd prefer to avoid nested parentheses. > In the attached, we've changed this to "supported protocols" in 3.2 and > moved the expansion back to 7.1. > > > > > > > > > > We also noted in reviewing the change to the title of Figure 1 > that this URL was not quoted, so we've added those. > > > > > > > > > > -----Original Message----- > > > > > From: Lynne Bartholomew <lbartholomew@amsl.com> > > > > > Sent: Thursday, September 28, 2023 11:48 AM > > > > > To: Mike Bishop <mbishop@evequefou.be> > > > > > Cc: ietf@bemasc.net; erik+ietf@nygren.org; > rfc-editor@rfc-editor.org; dnsop-ads@ietf.org; dnsop-chairs@ietf.org; > tjw.ietf@gmail.com; auth48archive@rfc-editor.org > > > > > Subject: Re: AUTH48: RFC-to-be 9460 > <draft-ietf-dnsop-svcb-https-12> for your review > > > > > > > > > > Hi, Mike. > > > > > > > > > > Thank you very much for the updated XML file! > > > > > > > > > > Thanks also for the detailed list of updates after your > "late-arriving review from the DNS Directorate" note; your note informed us > that we would not need to ask for AD approval for any of those updates; > very helpful and much appreciated! > > > > > > > > > > A couple follow-up items for you: > > > > > > > > > > 1) "used to produce a <character-string> in Section 5.1 of > [RFC1035]" reads a bit oddly. May we change it to "used to produce a > <character-string> per Section 5.1 of [RFC1035]"? > > > > > > > > > > 2) Please note that per our style guidelines we made the following > updates to your copy: > > > > > > > > > > * Moved the expansion of "ALPN" from Section 7.1 to Section 3.2. > > > > > * Changed "Section 2.4.2 and Section 3" to "Sections 2.4.2 and 3" > in Section 9.1. > > > > > * Changed "At" to "at" in the title of Figure 1. > > > > > > > > > > The latest files are posted here: > > > > > > > > > > https://www.rfc-editor.org/authors/rfc9460.txt > > > > > https://www.rfc-editor.org/authors/rfc9460.pdf > > > > > https://www.rfc-editor.org/authors/rfc9460.html > > > > > https://www.rfc-editor.org/authors/rfc9460.xml > > > > > https://www.rfc-editor.org/authors/rfc9460-diff.html > > > > > https://www.rfc-editor.org/authors/rfc9460-rfcdiff.html > > > > > https://www.rfc-editor.org/authors/rfc9460-auth48diff.html > > > > > https://www.rfc-editor.org/authors/rfc9460-lastdiff.html > > > > > https://www.rfc-editor.org/authors/rfc9460-lastrfcdiff.html > > > > > > > > > > https://www.rfc-editor.org/authors/rfc9460-xmldiff1.html > > > > > https://www.rfc-editor.org/authors/rfc9460-xmldiff2.html > > > > > https://www.rfc-editor.org/authors/rfc9460-alt-diff.html > > > > > > > > > > Again, many thanks for your help with this document! > > > > > > > > > > RFC Editor/lb > > > > > > > > > > > > > > >> On Sep 26, 2023, at 11:40 AM, Mike Bishop <mbishop@evequefou.be> > wrote: > > > > >> > > > > >> Hi, Lynne - > > > > >> Please see attached an updated XML from our side, with the > following changes in response to your questions. > > > > >> > > > > >> • We expanded "RR" in the document title. Please let us know > any objections. > > > > >> We have adjusted the title to expand the initialism while > avoiding nested parentheses. > > > > >> Original: > > > > >> Service Binding and Parameter Specification via the DNS (DNS SVCB > and > > > > >> HTTPS Resource Records (RRs)) > > > > >> Current: > > > > >> Service Binding and Parameter Specification via the DNS (SVCB and > > > > >> HTTPS Resource Records) > > > > >> > > > > >> > > > > >> 2. Please insert any keywords… > > > > >> We have added various relevant keywords. > > > > >> > > > > >> > > > > >> 3. Datatracker "idnits" output for the original > approved document included the following warning … There are 2 instances of > lines with non-RFC2606-compliant FQDNs > > > > >> These instances are false positives. > > > > >> > > > > >> > > > > >> 4. Section 1.1: We changed this section title, as > it did not match the contents of the section. If this update is incorrect, > perhaps some text is missing? If so, please clarify "goal" vs. "goals". > > > > >> We have accepted the new section title, and also corrected an > obsolete reference to statements that were previously “mentioned above” but > now appear later in the document. > > > > >> Original: > > > > >> (As mentioned above, this all > > > > >> applies equally to the HTTPS RR, which shares the same encoding, > > > > >> format, and high-level semantics.) > > > > >> Current: > > > > >> (As discussed in <xref target="svcb-compatible"/>, this all > applies > > > > >> equally to the HTTPS RR, which shares the same encoding, format, > and > > > > >> high-level semantics.) > > > > >> > > > > >> > > > > >> 5. Please review the "type" attribute of each > sourcecode element… > > > > >> We have added types and converted “artwork” tags to “sourcecode” > as appropriate. > > > > >> > > > > >> > > > > >> 6. Section 2.4.2: As it appears that "multiple" > means "multiple RRs" (as opposed to "multiple RRSets"), we updated this > sentence accordingly. If this is incorrect, please provide clarifying text. > > > > >> We have adjusted this to “multiple AliasMode RRs”. > > > > >> > > > > >> > > > > >> 7. Section 4.2: Is resolution of unknown RR types > the only type of normal response construction, or should "i.e." ("that is") > be "e.g." ("for example") here? > > > > >> Yes. For clarity, we’ve removed this use of “i.e.” entirely. > > > > >> > > > > >> > > > > >> 8. Section 4.3: Does "even if the contents are > invalid" refer to the "MUST" clause, the "MAY" clause, or both? > > > > >> It refers to the “MAY” clause. To improve clarity, we’ve > restructured this sentence and the following one. > > > > >> Original: > > > > >> Recursive resolvers <bcp14>MUST</bcp14> be able to convey SVCB > records > > > > >> with unrecognized SvcParamKeys, and <bcp14>MAY</bcp14> treat the > > > > >> entire SvcParams portion of the record as opaque, even if the > contents > > > > >> are invalid. Alternatively, recursive resolvers > <bcp14>MAY</bcp14> > > > > >> report an error such as SERVFAIL to avoid returning a > SvcParamValue that is invalid according to the SvcParam's specification. > > > > >> Current: > > > > >> Recursive resolvers <bcp14>MUST</bcp14> be able to convey SVCB > records > > > > >> with unrecognized SvcParamKeys. Resolvers <bcp14>MAY</bcp14> > > > > >> accomplish this by treating the entire SvcParams portion of the > record > > > > >> as opaque, even if the contents are invalid. If a recognized > > > > >> SvcParamKey is followed by a value that is invalid according to > the > > > > >> SvcParam's specification, a recursive resolver <bcp14>MAY</bcp14> > > > > >> report an error such as SERVFAIL instead of returning the record. > > > > >> > > > > >> > > > > >> 9. Section 7.2: Should "this SvcParam" be "this > SvcParamValue" here? > > > > >> Yes. (Corrected.) > > > > >> > > > > >> > > > > >> 10. Section 9.1: Please clarify the meaning of > "Following of". > > > > >> We’ve clarified by reformulating this sentence and including > references to the relevant sections where the behavior is defined. > > > > >> Original: > > > > >> Following of HTTPS AliasMode RRs and CNAME aliases is > unchanged from SVCB. > > > > >> Current: > > > > >> The procedure for following HTTPS AliasMode RRs and > CNAME aliases is unchanged from SVCB (as described in <xref > target="alias-mode"/> and <xref target="client-behavior"/>). > > > > >> > > > > >> > > > > >> > > > > >> 11. Should the instances of "9443" be "8443" here? > > > > >> No, this distinction is intentional. > > > > >> > > > > >> > > > > >> 12. Section 9.4 and Table 1: Does "ECH" refer to > citations for draft-ietf-tls-esni and not to "Encrypted ClientHello" in > general, or does it refer to some (unknown) future specification related to > ECH (in which case the text should be clarified)? > > > > >> For clarity, we’ve replaced “ECH” here with that reference, and > expanded the acronym where it appears in the IANA instructions. The > assignment is currently captured in draft-sbn-tls-svcb-ech-00, which was > extracted from this document. The TLS WG has adopted that document, and > will need to decide whether to fold it into draft-ietf-tls-esni or advance > it separately. > > > > >> > > > > >> > > > > >> 13. Section 9.6: Should 'HTTP URL' be '"http" URL'? … > Also, we could not find any instances of "requestURL" in [WebSocket], any > other published RFC, or [FETCH]. > > > > >> We’ve replaced ‘HTTP URL” with the formal term defined in RFC > 9110: “HTTP-related URI scheme”. > > > > >> Since we wrote this text, WHATWG has moved the definition of > “requestURL” to a new document. We’ve fixed the problem by adding that > reference here. > > > > >> Original: > > > > >> All HTTP connections to named origins are eligible to use HTTPS > RRs, > > > > >> even when HTTP is used as part of another protocol or without an > > > > >> explicit HTTP URL. For example, clients that support HTTPS RRs > and > > > > >> implement the altered WebSocket <xref target="RFC6455"/> opening > > > > >> handshake from the W3C Fetch specification <xref target="FETCH"/> > > > > >> <bcp14>SHOULD</bcp14> use HTTPS RRs for the <tt>requestURL</tt>. > > > > >> Current: > > > > >> All HTTP connections to named origins are eligible to use HTTPS > RRs, > > > > >> even when HTTP is used as part of another protocol or without an > > > > >> explicit HTTP-related URI scheme (<relref target="RFC9110" > > > > >> section="4.2"/>). For example, clients that support HTTPS RRs > and > > > > >> implement <xref target="RFC6455"/> using the altered opening > handshake > > > > >> from <xref target="FETCH-WEBSOCKETS"/> <bcp14>SHOULD</bcp14> use > HTTPS RRs for the <tt>requestURL</tt>. > > > > >> > > > > >> > > > > >> 14. Section 10.3: We had trouble following "various > interpretations of RFCs" in the first sentence… > > > > >> We’ve replaced this vague statement by a reference to the BIND > documentation for the behavior in question. > > > > >> Original: > > > > >> Note that some implementations may not allow A or AAAA records on > > > > >> names starting with an underscore due to various interpretations > of RFCs. > > > > >> This could be an operational issue when the TargetName contains > an > > > > >> Attrleaf label, as well as using a TargetName of "." when the > owner name contains an Attrleaf label. > > > > >> Current: > > > > >> Some authoritative DNS servers may not allow A or AAAA records on > > > > >> names starting with an underscore (e.g., <xref > target="BIND-CHECK-NAMES"/>). > > > > >> This could create an operational issue when the TargetName > contains an > > > > >> Attrleaf label, or when using a TargetName of "." if the owner > name contains an Attrleaf label. > > > > >> > > > > >> > > > > >> 15. Section 11: We do not see the word "stapling" or > "staple" in RFC 6066. Please confirm that this citation will be clear to > readers. > > > > >> We’ve adjusted this sentence to expand “OCSP” and mention > > > > >> “Certificate Status Request”, which is the formal name from RFC > 6066. > > > > >> (We’ve preserved the term “stapling” because it is much more > widely > > > > >> understood and commonly used than the formal name.) > > > > >> Original: > > > > >> Server operators implementing this standard <bcp14>SHOULD</bcp14> > also > > > > >> implement TLS 1.3 <xref target="RFC8446"/> and Online > > > > >> Certificate Status Protocol (OCSP) Stapling <xref > > > > >> target="RFC6066"/>, both of which confer substantial performance > and > > > > >> privacy benefits when used in combination with SVCB records. > > > > >> Current: > > > > >> Server operators implementing this standard <bcp14>SHOULD</bcp14> > also > > > > >> implement TLS 1.3 <xref target="RFC8446"/> and Online Certificate > > > > >> Status Protocol (OCSP) Stapling (i.e., Certificate Status Request > in > > > > >> <xref target="RFC6066" section="8" sectionFormat="of"/>), both of > > > > >> which confer substantial performance and privacy benefits when > used in > > > > >> combination with SVCB records.</t> > > > > >> > > > > >> > > > > >> 16. Section 12: "unintended access" reads oddly > here. If the suggested text is not correct, should the word "unintended" > be removed? > > > > >> We’ve rephrased this in a way that avoids the word “unintended” > and improves specificity. > > > > >> Original: > > > > >> If the attacker can influence the > > > > >> client's payload (e.g., TLS session ticket contents) and an > internal > > > > >> service has a sufficiently lax parser, it's possible that the > attacker > > > > >> could gain unintended access. > > > > >> Current: > > > > >> If the attacker can influence the > > > > >> client's payload (e.g., TLS session ticket contents) and an > internal > > > > >> service has a sufficiently lax parser, the attacker could gain > access > > > > >> to the internal service. > > > > >> > > > > >> > > > > >> 17. FYI, we have changed two instances of "Service > Binding" to "service binding" because it written in lowercase where used > generally in this document. We will ask IANA… > > > > >> We’ve changed the description in the IANA instructions to use the > > > > >> more precise term “SVCB-compatible” instead. (The original IANA > > > > >> instructions may predate this term.) > > > > >> > > > > >> > > > > >> 18. The following ACTION text indicates that the > "Service Parameter Keys (SvcParamKeys)" registry should appear on the > "Domain Name System (DNS) Parameters" page. However, the registry appears > on a page under the heading "DNS Service Bindings (SVCB)" > > > > >> This disparity may have occurred because IANA reorganized their > website after the original instructions were written. The current location > of the registry correctly reflects the authors’ intent, and we have updated > the draft to describe the new location. > > > > >> > > > > >> > > > > >> 19. Because the IANA registry does not include a > "Meaning" column, we have updated the text as shown below. Please let us > know if any updates are required. > > > > >> This change is correct. > > > > >> > > > > >> > > > > >> 20. Appendix A: Because Section 3.3 of RFC 1035 says > "<character-string> is treated as binary information, and can be up to 256 > characters in length (including the length octet)", we updated this > sentence to clarify the meaning of "same as". If this is incorrect, please > provide text that clarifies the meaning of "same as". > > > > >> This change is not correct. We have adjusted the text to provide > a clearer distinction between “<character-string>” (which is binary) and > the textual representation used to generate it. > > > > >> Original: > > > > >> DNS zone files are capable of representing arbitrary octet > sequences > > > > >> in basic ASCII text, using various delimiters and encodings. The > > > > >> algorithm for decoding these character strings is defined in > <xref section="5.1" sectionFormat="of" target="RFC1035"/>. > > > > >> Current: > > > > >> DNS zone files are capable of representing arbitrary octet > sequences > > > > >> in basic ASCII text, using various delimiters and encodings, > according > > > > >> to an algorithm defined in <xref section="5.1" sectionFormat="of" > target="RFC1035"/>. > > > > >> Original: > > > > >> In this document, this algorithm is referred to as > "character-string decoding". > > > > >> The algorithm is the same as the guideline for > > > > >> <tt><character-string></tt> provided in <xref > target="RFC1035" sectionFormat="of" section="3.3"/>, except that in this > document the output length is not limited to 255 octets. > > > > >> Current: > > > > >> In this document, this algorithm is referred to as > "character-string > > > > >> decoding", because it is used to produce a > > > > >> <tt><character-string></tt> in <xref target="RFC1035" > > > > >> sectionFormat="of" section="5.1"/>. Note that while the length > of a > > > > >> <tt><character-string></tt> is limited to 255 octets, the > > > > >> character-string decoding algorithm can produce output of any > > > > >> length.</t> > > > > >> > > > > >> > > > > >> 21. Appendix C.4: We changed "the authoritative" at > the end of this sentence to "the authoritative DNS server". > > > > >> This change is correct. > > > > >> > > > > >> > > > > >> 22. Appendix D.2: Do "target (root label)" and > "target, root label" mean the same thing? If yes, should they both be > expressed in the same way (i.e., either parentheses or comma)? Also, should > "length: 2 bytes" be "length 2", per the format of all other "# length" and > "; length" entries? > > > > >> Yes, these carry the same meaning. We have incorporated these > changes to improve consistency. > > > > >> > > > > >> > > > > >> 23. The example.com line in Figure 8 extends beyond > the 72-character limit. > > > > >> 24. Figure 8: The "example.com." line is too long… > > > > >> We have adjusted this figure as suggested to fit within the > 72-character limit. > > > > >> > > > > >> > > > > >> 25. Figures 14 and 15: Should "mandatory" be written > in the same way in both titles (i.e., either lowercase and quoted or > initial-capitalized and unquoted)? > > > > >> No. In one case, it refers to an item that must be present; in > the other it refers to the literal 9-character sequence “mandatory”. > > > > >> > > > > >> > > > > >> 26. "Acknowledgments and Related Proposals" reads > oddly, in that the two ideas seem unrelated. "... proposed solutions > ...challenge proposed" reads oddly as well. May we make a new Section 15 > ("Related Proposals") … ? > > > > >> We’ve reformulated this paragraph to make clear that the related > proposals are mentioned by way of acknowledgement and gratitude. > > > > >> > > > > >> > > > > >> 27. Please review the "Inclusive Language" portion of > the online Style Guide … > > > > >> We have reviewed this guidance but did not find any changes that > could be made on this basis. > > > > >> > > > > >> > > > > >> 28. Please let us know if any changes are needed for > the following [capitalization consistency issues] > > > > >> We have attempted to correct these issues to improve > consistency. In the case of ALPN, we have clarified some uses as “ALPN > protocol” or “ALPN ID”. > > > > >> ------------ > > > > >> Additionally, we made several edits in response to a > late-arriving review from the DNS Directorate, as Warren indicated. These > are highlighted below, in no particular order. > > > > >> # Positive and negative DNSSEC (Section 4.1) > > > > >> Original: > > > > >> If the zone is signed, the server SHOULD also include positive or > > > > >> negative DNSSEC responses for these records in the Additional > section. > > > > >> Current: > > > > >> If the zone is signed, the server SHOULD also include DNSSEC > records > > > > >> authenticating the existence or nonexistence of these records in > the > > > > >> Additional section. > > > > >> # Use of “origin” for concepts other than HTTP origins > > > > >> - In 1.1, “an origin within the DNS” => “a service identified by > a domain name” > > > > >> - In 3.1, “origin’s SVCB record” => “service’s SVCB record” > > > > >> - In 7.3, “origin hostname” => “service name” > > > > >> - In 9.3, “origin endpoint” => “authority endpoint” > > > > >> - In 12, “origin” => “authoritative server” > > > > >> # Use of “delegation” outside the sense of DNS zone delegation > > > > >> - In 1, “delegating the origin” => “aliasing the origin” > > > > >> - In 1.1, “delegation of operational authority for an origin > within > > > > >> the DNS to an alternate name.” => “extending operational > authority for > > > > >> a service identified by a domain name to other instances with > > > > >> alternate names.” (overlap with previous set) > > > > >> - In 1.1, “apex delegation” => “apex aliasing” > > > > >> - In 3.2, “It allows the service to delegate the apex domain.” => > “It allows a service on an apex domain to use aliasing.” > > > > >> - In Figure 1 (caption), “Is Delegated to” => “Is Available At” > > > > >> # Inconsistency of terms for list and sorting in Section 3 > > > > >> - “enumerating the priority-ordered endpoints” => “enumerating > and ordering the available endpoints” > > > > >> - Addition of “Sort the records by ascending SvcPriority.” to > step 4. > > > > >> - “known endpoints” => “available endpoints” > > > > >> - “priority list” => “list of endpoints” > > > > >> - “the resolved list” => “this list” > > > > >> # Vague performance statements > > > > >> In 2.4.2, removed “which would likely improve performance” > > > > >> # No such thing as empty RRset > > > > >> Original: > > > > >> If the SVCB RRset contains no compatible RRs, the client will > generally act as if the RRset is empty. > > > > >> Current: > > > > >> Incompatible RRs are ignored (see step 5 of the procedure defined > in <xref target="client-behavior"/>). > > > > >> ------------ > > > > >> Finally, with regard to the changes from our previous e-mail: The > attached file incorporates your proposed changes. We have made one > adjustment, where <tt> was already being used around a hostname which is > now quoted. The combination is probably not necessary; for consistency, we > can align on quotes. > > > > >> Original: > > > > >> When using the generic SVCB RR type with aliasing, zone owners > > > > >> <bcp14>SHOULD</bcp14> choose alias target names that indicate the > > > > >> scheme in use (e.g., <tt>"foosvc.example.net"</tt> for > > > > >> <tt>"foo://"</tt> schemes). This will help to avoid confusion > when > > > > >> another scheme needs to be added to the configuration. When > multiple > > > > >> port numbers are in use, it may be helpful to repeat the prefix > labels in the alias target name (e.g., <tt>"_1234._foo.svc.example.net > "</tt>). > > > > >> Current: > > > > >> When using the generic SVCB RR type with aliasing, zone owners > > > > >> <bcp14>SHOULD</bcp14> choose alias target names that indicate the > > > > >> scheme in use (e.g., "foosvc.example.net" for "foo" schemes). > This > > > > >> will help to avoid confusion when another scheme needs to be > added to > > > > >> the configuration. When multiple port numbers are in use, it may > be > > > > >> helpful to repeat the prefix labels in the alias target name > (e.g., "_1234._foo.svc.example.net"). > > > > >> We have also removed the “://”, which is not properly part of the > scheme. > > > > >> > > > > >> > > > > >> -----Original Message----- > > > > >> From: Lynne Bartholomew <lbartholomew@amsl.com> > > > > >> Sent: Friday, September 22, 2023 2:39 PM > > > > >> To: Mike Bishop <mbishop@evequefou.be>; ietf@bemasc.net; > > > > >> erik+ietf@nygren.org > > > > >> Cc: rfc-editor@rfc-editor.org; dnsop-ads@ietf.org; > > > > >> dnsop-chairs@ietf.org; tjw.ietf@gmail.com; > > > > >> auth48archive@rfc-editor.org > > > > >> Subject: Re: AUTH48: RFC-to-be 9460 > <draft-ietf-dnsop-svcb-https-12> > > > > >> for your review Hi, Mike and coauthors. > > > > >> Mike, apologies for our confusion with the emails yesterday. We > have updated this document per your notes below. Please see our "[rfced]" > notes inline. > > > > >> Also, apologies for an issue regarding an update to Section > 14.4. The updated section is now correct. We also removed a duplicate > question regarding Figure 8. > > > > >> The latest files are posted here. Please refresh your browser to > view the latest updates and the updated list of questions: > > > > >> https://www.rfc-editor.org/authors/rfc9460.txt > > > > >> https://www.rfc-editor.org/authors/rfc9460.pdf > > > > >> https://www.rfc-editor.org/authors/rfc9460.html > > > > >> https://www.rfc-editor.org/authors/rfc9460.xml > > > > >> https://www.rfc-editor.org/authors/rfc9460-diff.html > > > > >> https://www.rfc-editor.org/authors/rfc9460-rfcdiff.html > > > > >> https://www.rfc-editor.org/authors/rfc9460-auth48diff.html > > > > >> https://www.rfc-editor.org/authors/rfc9460-alt-diff.html > > > > >> https://www.rfc-editor.org/authors/rfc9460-xmldiff1.html > > > > >> https://www.rfc-editor.org/authors/rfc9460-xmldiff2.html > > > > >> https://www.rfc-editor.org/authors/rfc9460-alt-diff.html > > > > >> Thank you, and again, apologies for our confusion. > > > > >> RFC Editor/lb > > > > >> > > > > >> > > > > >>> On Sep 20, 2023, at 1:33 PM, Mike Bishop <mbishop@evequefou.be> > wrote: > > > > >>>> A couple points from the copy-edits I wanted to discuss as we > go through these…. > > > > >>>> Under SVC Query Names, I see this change: > > > > >>>> Original: > > > > >>> When querying the SVCB RR, a service is translated into a QNAME > by > > > > >>> prepending the service name with a label indicating the scheme, > > > > >>> prefixed with an underscore, resulting in a domain name like "_ > examplescheme.api.example.com.". > > > > >>>> Current: > > > > >>> When querying the SVCB RR, a service is translated into a QNAME > by > > > > >>> prepending the service name with a label indicating the scheme, > > > > >>> prefixed with an underscore, resulting in a domain name like "_ > examplescheme.api.example.com." > > > > >>>> In this instance, however, the literal domain name ends with a > period. Given the general rule in American English that the period goes > inside the quotation marks and not outside, the absence of the explicit > exterior period might cause some readers to apply that rule and not expect > the actual domain name to contain the trailing dot; hence the separate > period in the original. > > > > >>>> Could we revert this change, or is there a different way we > could word this to avoid any confusion? > > > > >> [rfced] Reverted. Thank you for the explanation. > > > > >>>> Under AliasMode, quotes were added to offset “ > https://example.com ”, but similar quotes were not added around > “foo://example.com:8080”. Should all URIs be quoted, if this one is? > > > > >>> [rfced] We added quotes to URIs listed in text. Please review > and let us know if any of the new quotes are incorrect (e.g., we added > quotes for 'owner of "example.com"' because we found 'the operator of " > https://example.com "', but is this update correct?). > > > > >>> Regarding the hyphenation of “SVCB-optional” and “SVCB-reliant”: > > > > >>>> Original: > > > > >>> A client is called "SVCB-optional" if it can connect without the > use > > > > >>> of ServiceMode records, and "SVCB-reliant" otherwise. > > > > >>>> Current: > > > > >>> A client is called "SVCB optional" if it can connect without the > use > > > > >>> of ServiceMode records; otherwise, it is called "SVCB reliant". > > > > >>>> These terms are used primarily as adjectives before a noun (and > therefore hyphenated) and in a few instances with a verb in between. It > seems unclear not to hyphenate the definition of the terms when that’s > primarily how they’re used, for ease of searching. For uniformity, could we > hyphenate these terms throughout? If I understand the rule correctly, a > compound adjective is *generally* not hyphenated when not before a noun, > but some are. > > > > >>>> (The same applies to “SVCB-compatible” later.) > > > > >> [rfced] We restored the hyphens. > > > > >> Updated list of questions: > > > > >> 1) <!-- [rfced] We expanded "RR" in the document title. Please > let us know any objections. > > > > >> Original: > > > > >> Service binding and parameter specification via the DNS (DNS SVCB > and > > > > >> HTTPS RRs) > > > > >> Currently: > > > > >> Service Binding and Parameter Specification via the DNS (DNS SVCB > and > > > > >> HTTPS Resource Records (RRs)) --> > > > > >> 2) <!-- [rfced] Please insert any keywords (beyond those that > appear > > > > >> in the > > > > >> title) for use on <https://www.rfc-editor.org/search >. --> > > > > >> 3) <!-- [rfced] Datatracker "idnits" output for the original > approved document included the following warning. Please let us know if > any changes are needed as related to this warning: > > > > >> == There are 2 instances of lines with non-RFC2606-compliant > FQDNs in the > > > > >> document. --> > > > > >> 4) <!-- [rfced] Section 1.1: We changed this section title, as > it did not match the contents of the section. If this update is incorrect, > perhaps some text is missing? If so, please clarify "goal" vs. > > > > >> "goals". > > > > >> Original (excerpts from this section are included for context): > > > > >> 1.1. Goals of the SVCB RR > > > > >> The goal of the SVCB RR is to allow clients to resolve a single > > > > >> additional DNS RR in a way that: > > > > >> ... > > > > >> Additional goals specific to HTTPS RRs and the HTTP use-cases > > > > >> include: > > > > >> Currently: > > > > >> 1.1. Goals --> > > > > >> 5) <!-- [rfced] Please review the "type" attribute of each > sourcecode element in the XML file to ensure correctness. If the current > list of preferred values for "type" > > > > >> (https://www.rfc-editor.org/materials/sourcecode-types.txt ) > does not contain an applicable type, please let us know. Also, it is > acceptable to leave the "type" attribute not set. > > > > >> In addition, review each artwork element. Specifically, should > any artwork element be tagged as sourcecode (e.g., "dns-rr", "pseudocode", > or "test-vectors" for some or all of the figures in the appendices)? --> > > > > >> 6) <!-- [rfced] Section 2.4.2: As it appears that "multiple" > means "multiple RRs" (as opposed to "multiple RRSets"), we updated this > sentence accordingly. If this is incorrect, please provide clarifying text. > > > > >> Original (the previous sentence is included for context): > > > > >> In AliasMode, the SVCB record aliases a service to a TargetName. > > > > >> SVCB RRSets SHOULD only have a single resource record in > AliasMode. > > > > >> If multiple are present, clients or recursive resolvers SHOULD > pick one at random. > > > > >> Currently: > > > > >> If multiple > > > > >> RRs are present, clients or recursive resolvers SHOULD pick one > at random. --> > > > > >> 7) <!-- [rfced] Section 4.2: Is resolution of unknown RR types > the only type of normal response construction, or should "i.e." ("that is") > be "e.g." ("for example") here? > > > > >> Original: > > > > >> Whether the recursive resolver is aware of SVCB or not, the > normal > > > > >> response construction process (i.e. unknown RR type resolution > under > > > > >> [RFC3597]) generates the Answer section of the response. --> > > > > >> 8) <!-- [rfced] Section 4.3: Does "even if the contents are > invalid" > > > > >> refer to the "MUST" clause, the "MAY" clause, or both? > > > > >> Original: > > > > >> Recursive resolvers MUST be able to convey SVCB records with > unrecognized SvcParamKeys, and MAY treat the entire SvcParams portion of > the record as opaque, even if the contents are invalid. > > > > >> (A) Perhaps (both): > > > > >> Recursive resolvers MUST be able to convey SVCB records with > unrecognized SvcParamKeys and MAY treat the entire SvcParams portion of > the record as opaque, even if the contents are invalid. > > > > >> (B) Or possibly (only the "MAY" clause): > > > > >> Recursive resolvers MUST be able to convey SVCB records with > unrecognized SvcParamKeys, and the resolvers MAY treat the entire > SvcParams portion of the record as opaque even if the contents are invalid. > > > > >> (C) Or to be specific (instead of rely only on the comma): > > > > >> Recursive resolvers MUST be able to convey SVCB records with > > > > >> unrecognized SvcParamKeys, and the resolvers MAY treat the entire > > > > >> SvcParams portion of the record as opaque even if the contents > > > > >> (of that portion) are invalid. --> > > > > >> 9) <!-- [rfced] Section 7.2: Should "this SvcParam" be "this > > > > >> SvcParamValue" here? We ask because we see two instances of > > > > >> "SvcParamValue MUST NOT contain escape sequences" later in this > > > > >> document. > > > > >> Original: > > > > >> To enable simpler parsing, this SvcParam MUST NOT contain escape > > > > >> sequences. --> > > > > >> 10) <!-- [rfced] Section 9.1: Please clarify the meaning of > > > > >> "Following of". > > > > >> Original: > > > > >> Following of HTTPS AliasMode RRs and CNAME aliases is unchanged > from > > > > >> SVCB. --> > > > > >> 11) <!--[rfced] Should the instances of "9443" be "8443" here? > > > > >> Original: > > > > >> Alt-Svc: h2="alt.example:443", h2="alt2.example:443", > h3=":8443" > > > > >> > The client would retrieve the following HTTPS records: > > > > > >> > alt.example. IN HTTPS 1 . alpn=h2,h3 foo=... > > > > > >> alt2.example. IN HTTPS 1 alt2b.example. alpn=h3 > foo=... > > > > >> _8443._https.example.com. IN HTTPS 1 alt3.example. ( > > > > > >> port=9443 alpn=h2,h3 foo=... ) > [...] > > > > >> > * HTTP/3 to alt3.example:9443 --> > > > > >> 12) <!-- [rfced] Section 9.4 and Table 1: Does "ECH" refer to > > > > >> citations for draft-ietf-tls-esni and not to "Encrypted > ClientHello" > > > > >> in general, or does it refer to some (unknown) future > specification > > > > >> related to ECH (in which case the text should be clarified)? > > > > >> Please note that we could not find any indication in > > > > >> draft-ietf-tls-esni that the parameter in question will be > reserved > > > > >> for it. > > > > >> Original: > > > > >> Clients MUST NOT use an HTTPS RR response unless the client > supports > > > > >> TLS Server Name Indication (SNI) and indicates the origin name in > the > > > > >> TLS ClientHello (which might be encrypted via a future > specification > > > > >> such as ECH). > > > > >> ... > > > > >> | 5 | ech | RESERVED |N/A |IETF > | > > > > >> | | | (will be | | > | > > > > >> | | | used for | | > | > > > > >> | | | ECH) | | > | --> > > > > >> 13) <!-- [rfced] Section 9.6: > > > > >> Should 'HTTP URL' be '"http" URL'? We ask because we do not see > > > > >> 'HTTP URL' used anywhere else in this document or in this cluster > of > > > > >> documents (https://www.rfc-editor.org/cluster_info.php?cid=C461 > ). > > > > >> Also, we could not find any instances of "requestURL" in > [WebSocket], > > > > >> any other published RFC, or [FETCH]. However, we see > "Request-URI" > > > > >> in [WebSocket]. Will the use of "requestURL" be clear to readers? > > > > >> Original: > > > > >> All HTTP connections to named origins are eligible to use HTTPS > RRs, > > > > >> even when HTTP is used as part of another protocol or without an > > > > >> explicit HTTP URL. For example, clients that support HTTPS RRs > and > > > > >> implement the altered WebSocket [WebSocket] opening handshake > from the > > > > >> W3C Fetch specification [FETCH] SHOULD use HTTPS RRs for the > > > > >> requestURL. --> > > > > >> 14) <!-- [rfced] Section 10.3: We had trouble following > "various > > > > >> interpretations of RFCs" in the first sentence, as it appears to > > > > >> indicate that the RFCs themselves are being interpreted. Also, > the > > > > >> second sentence does not parse. Would the "Perhaps" text below > be > > > > >> helpful? If not, please provide clarifying text. > > > > >> Original ("an TargetName" has been fixed): > > > > >> Note that some implementations may not allow A or AAAA records on > > > > >> names starting with an underscore due to various interpretations > of > > > > >> RFCs. This could be an operational issue when the TargetName > contains > > > > >> an attrleaf label, as well as using an TargetName of "." > > > > >> when the owner name contains an attrleaf label. > > > > >> Perhaps: > > > > >> Note that some implementations may not allow A or AAAA records on > > > > >> names that start with an underscore, due to various > interpretations in > > > > >> other RFCs. This could be an operational issue when the > TargetName > > > > >> contains an Attrleaf label, as well as when a TargetName of "." > is > > > > >> used when the owner name contains an Attrleaf label. --> > > > > >> 15) <!-- [rfced] Section 11: We do not see the word "stapling" > or > > > > >> "staple" in RFC 6066. Please confirm that this citation will be > clear > > > > >> to readers. > > > > >> Original: > > > > >> Server operators implementing this standard SHOULD also implement > TLS > > > > >> 1.3 [RFC8446] and OCSP Stapling [RFC6066], both of which confer > > > > >> substantial performance and privacy benefits when used in > combination > > > > >> with SVCB records. --> > > > > >> 16) <!-- [rfced] Section 12: "unintended access" reads oddly > here. > > > > >> If the suggested text is not correct, should the word "unintended" > > > > >> be removed? Please provide alternative text if you'd like to > > > > >> rephrase. > > > > >> Original: > > > > >> If the attacker can influence the client's payload (e.g. > > > > >> TLS session ticket contents), and an internal service has a > > > > >> sufficiently lax parser, it's possible that the attacker could > gain > > > > >> unintended access. > > > > >> Suggested: > > > > >> If the attacker can influence the client's payload (e.g., TLS > session > > > > >> ticket contents) and an internal service has a sufficiently lax > > > > >> parser, it's possible that, as an unintended consequence, the > attacker > > > > >> could gain access. --> > > > > >> 17) <!-- [rfced] FYI, we have changed two instances of "Service > Binding" > > > > >> to "service binding" because it written in lowercase where used > > > > >> generally in this document. We will ask IANA to update > > > > >> <https://www.iana.org/assignments/dns-parameters/ > accordingly, > unless you let us know you prefer otherwise. > > > > >> Original: > > > > >> * Meaning: General Purpose Service Binding Current: > > > > >> Meaning: General-purpose service binding > > > > >> Original: > > > > >> * Meaning: Service Binding type for use with HTTP Current: > > > > >> Meaning: Service binding type for use with HTTP > > > > >> --> > > > > >> 18) <!-- [rfced] The following ACTION text indicates that the > > > > >> "Service Parameter Keys (SvcParamKeys)" registry should appear on > the > > > > >> "Domain Name System (DNS) Parameters" page. However, the > registry > > > > >> appears on a page under the heading "DNS Service Bindings (SVCB)" > > > > >> (see https://www.iana.org/assignments/dns-svcb/ ). Please > review and > > > > >> let us know if the location of the "DNS Service Bindings (SVCB)" > > > > >> registry is correct. > > > > >> Original: > > > > >> ACTION: create this registry, on a new page entitled "DNS Service > > > > >> Bindings (SVCB)" under the "Domain Name System (DNS) Parameters" > > > > >> category. --> > > > > >> 19) <!-- [rfced] Section 14.4: Because the "Underscored and > > > > >> Globally Scoped DNS Node Names" IANA registry does not include a > "Meaning" > > > > >> column, we have updated the table as shown below. Please let us > know > > > > >> if any other updates are required. > > > > >> Original (to avoid the issue of double dashes and XML comments, > the > > > > >> bottom line of the table is not included): > > > > >> Per [Attrleaf], please add the following entry to the DNS > Underscore > > > > >> Global Scoped Entry Registry: > > > > >> +=========+============+=================+=================+ > > > > >> | RR TYPE | _NODE NAME | Meaning | Reference | > > > > >> +=========+============+=================+=================+ > > > > >> | HTTPS | _https | HTTPS SVCB info | (This document) | > > > > >> Table 2 > > > > >> Currently: > > > > >> Per [Attrleaf], the following entry has been added to the DNS > > > > >> "Underscored and Globally Scoped DNS Node Names" registry: > > > > >> +=========+============+===========+ > > > > >> | RR Type | _NODE NAME | Reference | > > > > >> +=========+============+===========+ > > > > >> | HTTPS | _https | RFC 9460 | > > > > >> Table 2 --> > > > > >> 20) <!-- [rfced] Appendix A: Because Section 3.3 of RFC 1035 > says > > > > >> "<character-string> is treated as binary information, and can be > up to > > > > >> 256 characters in length (including the length octet)", we > updated > > > > >> this sentence to clarify the meaning of "same as". > > > > >> If this is incorrect, please provide text that clarifies the > meaning > > > > >> of "same as". > > > > >> Original: > > > > >> The algorithm is the same as used by > > > > >> <character-string> in RFC 1035, although the output length in > this > > > > >> document is not limited to 255 octets. > > > > >> Currently: > > > > >> The algorithm is the same as the > > > > >> guideline for <character-string> in [RFC1035], except that in > this > > > > >> document the output length is not limited to 255 octets. > > > > >> --> > > > > >> 21) <!-- [rfced] Appendix C.4: We changed "the authoritative" > at > > > > >> the end of this sentence to "the authoritative DNS server". If > this > > > > >> is incorrect, please clarify the meaning of "the authoritative". > > > > >> Original: > > > > >> Recursive resolvers that implement the specification would, upon > > > > >> receipt of a ServiceMode query, emit both a ServiceMode and an > > > > >> AliasMode query to the authoritative. > > > > >> Currently: > > > > >> Recursive resolvers that implement the specification would, upon > > > > >> receipt of a ServiceMode query, emit both a ServiceMode query and > an > > > > >> AliasMode query to the authoritative DNS server. --> > > > > >> 22) <!-- [rfced] Appendix D.2: Do "target (root label)" and > > > > >> "target, root label" mean the same thing? If yes, should they > both be > > > > >> expressed in the same way (i.e., either parentheses or comma)? > > > > >> Also, should "length: 2 bytes" be "length 2", per the format of > all > > > > >> other "# length" and "; length" entries? > > > > >> Original: > > > > >> 00 ; target (root label) > > > > >> ... > > > > >> \x00 # target, root label > > > > >> ... > > > > >> \x00\x02 # length: 2 > bytes > > > > >> ... > > > > >> \x00\x05 # length 5 > > > > >> ... > > > > >> \x00\x09 # length 9 > > > > >> ... > > > > >> \x00\x20 # length 32 > > > > >> ... > > > > >> \x00\x10 # length 16 --> > > > > >> 23) <!-- [rfced] Figure 8: The "example.com." line is too long > and > > > > >> yields the following warning: > > > > >> Warning: Too long line found (L2319), 4 characters longer than 72 > characters: > > > > >> example.com. SVCB 1 example.com. > ipv6hint="2001:db8:122:344::192.0.2.33" > > > > >> We see a similar type of line at the top of Figure 7, although > that > > > > >> line uses parentheses before and after the line break around > > > > >> "ipv6hint". Would it be syntactically correct to format this > line > > > > >> (i.e., with parentheses and line breaks) per Figure 7? > > > > >> Original: > > > > >> example.com. SVCB 1 example.com. > ipv6hint="2001:db8:122:344::192.0.2.33" > > > > >> Possibly: > > > > >> example.com. SVCB 1 example.com. ( > > > > >> ipv6hint="2001:db8:122:344::192.0.2.33" > > > > >> ) --> > > > > >> 24) <!-- [rfced] Figures 14 and 15: Should "mandatory" be > written > > > > >> in the same way in both titles (i.e., either lowercase and quoted > or > > > > >> initial-capitalized and unquoted)? > > > > >> Original: > > > > >> Figure 14: A mandatory SvcParam is missing ... > > > > >> Figure 15: The "mandatory" SvcParamKey must not be included in > > > > >> the mandatory list --> > > > > >> 25) <!-- [rfced] "Acknowledgments and Related Proposals" reads > > > > >> oddly, in that the two ideas seem unrelated. "... proposed > solutions ... > > > > >> challenge proposed" reads oddly as well. > > > > >> May we make a new Section 15 ("Related Proposals") and rephrase > some > > > > >> text as suggested below? > > > > >> Original: > > > > >> 15. Acknowledgments and Related Proposals There have been a > wide > > > > >> range of proposed solutions over the years to the "CNAME at the > Zone > > > > >> Apex" challenge proposed. These include > > > > >> [I-D.bellis-dnsop-http-record], [I-D.ietf-dnsop-aname], and > others. > > > > >> Thank you to Ian Swett, Ralf Weber, Jon Reed, Martin Thomson, > Lucas > > > > >> Pardue, Ilari Liusvaara, Tim Wicinski, Tommy Pauly, Chris Wood, > David > > > > >> Benjamin, Mark Andrews, Emily Stark, Eric Orth, Kyle Rose, Craig > > > > >> Taylor, Dan McArdle, Brian Dickson, Willem Toorop, Pieter Lexis, > > > > >> Puneet Sood, Olivier Poitrey, Mashooq Muhaimen, Tom Carpay, and > many > > > > >> others for their feedback and suggestions on this draft. > > > > >> Suggested: > > > > >> 15. Related Proposals > > > > >> Over the years, there has been a wide range of proposed solutions > to > > > > >> the zone-apex CNAME challenge. These include [HTTP-DNS-RR], > > > > >> [ANAME-DNS-RR], and others. > > > > >> ... > > > > >> Acknowledgments > > > > >> Thank you to Ian Swett, Ralf Weber, Jon Reed, Martin Thomson, > Lucas > > > > >> Pardue, Ilari Liusvaara, Tim Wicinski, Tommy Pauly, Chris Wood, > David > > > > >> Benjamin, Mark Andrews, Emily Stark, Eric Orth, Kyle Rose, Craig > > > > >> Taylor, Dan McArdle, Brian Dickson, Willem Toorop, Pieter Lexis, > > > > >> Puneet Sood, Olivier Poitrey, Mashooq Muhaimen, Tom Carpay, and > many > > > > >> others for their feedback and suggestions on this document. --> > > > > >> 26) <!-- [rfced] Please review the "Inclusive Language" portion > of > > > > >> the online Style Guide at > > > > >> <https://www.rfc-editor.org/styleguide/part2/#inclusive_language > >, > > > > >> and let us know if any changes are needed. > > > > >> For example, please consider whether the following should be > updated: > > > > >> whitespace (whitespace-separated list, internal whitespace) > > > > >> --> > > > > >> 27) <!-- [rfced] Please let us know if any changes are needed > for > > > > >> the > > > > >> following: > > > > >> a) The following terms were used inconsistently in this document. > > > > >> We chose to use the latter forms. Please let us know any > objections. > > > > >> Alt-Svc Field Value / Alt-Svc field value (per [AltSvc]) > attrleaf > > > > >> label / Attrleaf label (per [Attrleaf]) > > > > >> IPv6 hint / ipv6hint (per three of the four companion documents) > > > > >> (https://www.rfc-editor.org/cluster_info.php?cid=C461 )) > > > > >> key Name / key name > > > > >> RRType (titles of Sections 14.1 and 14.2) / RR Type (per > > > > >> approx. 40 instances of "RR type" in text) wire-format / > > > > >> wireformat / wire format (noun) > > > > >> (per "wire format" in companion document > draft-ietf-add-svcb-dns) > > > > >> zone file (adj.) / zone-file (adj.) > > > > >> b) The following terms appear to be used inconsistently in this > > > > >> document. Please let us know which form is preferred. > > > > >> Additional record / additional record (We also see > > > > >> "Additionals" and "Additional A records" in Section 4.2.1.) > > > > >> additional section / Additional section / Additional Section > mode / > > > > >> Mode ("two modes", "same Mode", "connection modes") Multi-CDN > ("A > > > > >> Multi-CDN customer domain") / > > > > >> multi-CDN ("a multi-CDN configuration") > > > > >> (We suggest lowercase, based on past usage in RFCs.) Name MUST > / > > > > >> name MUST (Section 14.3.1) > > > > >> c) Should lowercase "alpn" be written in text with or without > quotes? > > > > >> alpn / "alpn" ('e.g., alpn', 'e.g., URIs or "alpn"') Also, > should > > > > >> 'non-default alpn' be 'non-default ALPN' or > > > > >> perhaps 'non-default "alpn"'? > > > > >> d) May we change the instances of "RRSet" to "RRset"? We see > that > > > > >> the latter form is used much more often in RFCs from RFC 6000 > > > > >> onwards.--> > > > > >> > > > > >> > > > > >>>> On Sep 8, 2023, rfc-editor@rfc-editor.org wrote: > > > > >>> *****IMPORTANT***** > > > > >>> Updated 2023/09/08 > > > > >>> RFC Author(s): > > > > >>> -------------- > > > > >>> Instructions for Completing AUTH48 > > > > >>> Your document has now entered AUTH48. Once it has been reviewed > > > > >>> and approved by you and all coauthors, it will be published as > an RFC. > > > > >>> If an author is no longer available, there are several remedies > > > > >>> available as listed in the FAQ (https://www.rfc-editor.org/faq/ > ). > > > > >>> You and you coauthors are responsible for engaging other parties > > > > >>> (e.g., Contributors or Working Group) as necessary before > providing > > > > >>> your approval. > > > > >>> Planning your review --------------------- Please review the > > > > >>> following aspects of your document: > > > > >>> * RFC Editor questions > > > > >>> Please review and resolve any questions raised by the RFC > Editor > > > > >>> that have been included in the XML file as comments marked as > > > > >>> follows: > > > > >>> <!-- [rfced] ... --> > > > > >>> These questions will also be sent in a subsequent email. > > > > >>> * Changes submitted by coauthors Please ensure that you > review any changes submitted by your > > > > >>> coauthors. We assume that if you do not speak up that you > > > > >>> agree to changes submitted by your coauthors. > > > > >>> * Content Please review the full content of the document, as > this cannot > > > > >>> change once the RFC is published. Please pay particular > attention to: > > > > >>> - IANA considerations updates (if applicable) > > > > >>> - contact information > > > > >>> - references > > > > >>> * Copyright notices and legends > > > > >>> Please review the copyright notice and legends as defined in > > > > >>> RFC 5378 and the Trust Legal Provisions (TLP – > https://trustee.ietf.org/license-info/ ). > > > > >>> * Semantic markup > > > > >>> Please review the markup in the XML file to ensure that > elements of > > > > >>> content are correctly tagged. For example, ensure that > <sourcecode> > > > > >>> and <artwork> are set correctly. See details at < > https://authors.ietf.org/rfcxml-vocabulary >. > > > > >>> * Formatted output > > > > >>> Please review the PDF, HTML, and TXT files to ensure that the > > > > >>> formatted output, as generated from the markup in the XML file, > is > > > > >>> reasonable. Please note that the TXT will have formatting > > > > >>> limitations compared to the PDF and HTML. > > > > >>> Submitting changes > > > > >>> ------------------ > > > > >>> To submit changes, please reply to this email using ‘REPLY ALL’ > as > > > > >>> all the parties CCed on this message need to see your changes. > The > > > > >>> parties > > > > >>> include: > > > > >>> * your coauthors > > > > >>> * rfc-editor@rfc-editor.org (the RPC team) > > > > >>> * other document participants, depending on the stream (e.g., > > > > >>> IETF Stream participants are your working group chairs, the > > > > >>> responsible ADs, and the document shepherd). > > > > >>> * auth48archive@rfc-editor.org, which is a new archival > mailing list > > > > >>> to preserve AUTH48 conversations; it is not an active > discussion > > > > >>> list: > > > > >>> * More info: > > > > >>> > https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc > > > > >>> * The archive itself: > > > > >>> https://mailarchive.ietf.org/arch/browse/auth48archive/ > > > > >>> * Note: If only absolutely necessary, you may temporarily > opt out > > > > >>> of the archiving of messages (e.g., to discuss a sensitive > matter). > > > > >>> If needed, please add a note at the top of the message > that you > > > > >>> have dropped the address. When the discussion is concluded, > > > > >>> auth48archive@rfc-editor.org will be re-added to the CC > list and > > > > >>> its addition will be noted at the top of the message. > > > > >>> You may submit your changes in one of two ways: > > > > >>> An update to the provided XML file > > > > >>> — OR — > > > > >>> An explicit list of changes in this format Section # (or > indicate > > > > >>> Global) > > > > >>> OLD: > > > > >>> old text > > > > >>> NEW: > > > > >>> new text > > > > >>> You do not need to reply with both an updated XML file and an > > > > >>> explicit list of changes, as either form is sufficient. > > > > >>> We will ask a stream manager to review and approve any changes > that > > > > >>> seem beyond editorial in nature, e.g., addition of new text, > > > > >>> deletion of text, and technical changes. Information about > stream > > > > >>> managers can be found in the FAQ. Editorial changes do not > require approval from a stream manager. > > > > >>> Approving for publication > > > > >>> -------------------------- > > > > >>> To approve your RFC for publication, please reply to this email > > > > >>> stating that you approve this RFC for publication. Please use > > > > >>> ‘REPLY ALL’, as all the parties CCed on this message need to see > your approval. > > > > >>> Files ----- > > > > >>> The files are available here: > > > > >>> https://www.rfc-editor.org/authors/rfc9460.xml > > > > >>> https://www.rfc-editor.org/authors/rfc9460.html > > > > >>> https://www.rfc-editor.org/authors/rfc9460.pdf > > > > >>> https://www.rfc-editor.org/authors/rfc9460.txt > > > > >>> Diff file of the text: > > > > >>> https://www.rfc-editor.org/authors/rfc9460-diff.html > > > > >>> https://www.rfc-editor.org/authors/rfc9460-rfcdiff.html (side > by side) > > > > >>> Diff of the XML: > https://www.rfc-editor.org/authors/rfc9460-xmldiff1.html > > > > >>> This diff file compares an altered original and the RFC (in > order to make the changes in moved text viewable): > > > > >>> https://www.rfc-editor.org/authors/rfc9460-alt-diff.html > > > > >>> Tracking progress > > > > >>> ----------------- > > > > >>> The details of the AUTH48 status of your document are here: > > > > >>> https://www.rfc-editor.org/auth48/rfc9460 > > > > >>> Please let us know if you have any questions. Thank you for > your cooperation, > > > > >>> RFC Editor > > > > >>> -------------------------------------- > > > > >>> RFC9460 (draft-ietf-dnsop-svcb-https-12) > > > > >>> Title : Service Binding and Parameter Specification > via the DNS (DNS SVCB and HTTPS Resource Records (RRs)) > > > > >>> Author(s) : B. Schwartz, M. Bishop, E. Nygren > > > > >>> WG Chair(s) : Suzanne Woolf, Benno Overeinder, Tim Wicinski > > > > >>> Area Director(s) : Warren Kumari, Robert Wilton > > > > >> <rfc9460.xml> > > > > > > > > > > <rfc9460.xml> > > > > > > > > > > >
- [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-dnsop… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Warren Kumari
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Tim Wicinski
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Mike Bishop
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Mike Bishop
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Mike Bishop
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Ben Schwartz
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Erik Nygren
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Mike Bishop
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Erik Nygren
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Erik Nygren
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Ben Schwartz
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Erik Nygren
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Mike Bishop
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Ben Schwartz
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Ben Schwartz
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Lynne Bartholomew
- [auth48] [IANA] Re: AUTH48: RFC-to-be 9460 <draft… Lynne Bartholomew
- [auth48] [IANA #1284364] [IANA] Re: AUTH48: RFC-t… Amanda Baber via RT
- Re: [auth48] [IANA #1284364] [IANA] Re: AUTH48: R… Erik Nygren
- [auth48] *[AD] Re: [IANA #1284364] [IANA] Re: AUT… Lynne Bartholomew
- Re: [auth48] *[AD] Re: [IANA #1284364] [IANA] Re:… Warren Kumari
- Re: [auth48] *[AD] Re: [IANA #1284364] [IANA] Re:… Mike Bishop
- Re: [auth48] *[AD] Re: [IANA #1284364] [IANA] Re:… Erik Nygren
- Re: [auth48] *[AD] Re: [IANA #1284364] [IANA] Re:… Ben Schwartz
- Re: [auth48] *[AD] Re: [IANA #1284364] [IANA] Re:… Lynne Bartholomew
- Re: [auth48] *[AD] Re: [IANA #1284364] [IANA] Re:… Ben Schwartz
- Re: [auth48] *[AD] Re: [IANA #1284364] [IANA] Re:… Lynne Bartholomew
- Re: [auth48] *[AD] Re: [IANA #1284364] [IANA] Re:… Ben Schwartz
- [auth48] * [IANA] **[AD] Re: AUTH48: RFC-to-be 94… Lynne Bartholomew
- Re: [auth48] * [IANA] **[AD] Re: AUTH48: RFC-to-b… Ben Schwartz
- [auth48] [IANA #1284364] [IANA] Re: AUTH48: RFC-t… Amanda Baber via RT
- Re: [auth48] [IANA #1284364] [IANA] Re: AUTH48: R… Lynne Bartholomew
- Re: [auth48] [IANA #1284364] [IANA] Re: AUTH48: R… Rob Wilton (rwilton)
- [auth48] *[AD] Re: [IANA #1284364] [IANA] Re: AUT… Lynne Bartholomew
- Re: [auth48] *[AD] Re: [IANA #1284364] [IANA] Re:… Warren Kumari
- Re: [auth48] *[AD] Re: AUTH48: RFC-to-be 9460 <dr… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9460 <draft-ietf-d… Mike Bishop