Re: [dbound] [DNSOP] Related Domains By DNS (RDBD) Draft

"John R. Levine" <johnl@iecc.com> Wed, 27 February 2019 17:32 UTC

Date: Wed, 27 Feb 2019 12:26:03 -0500
Message-ID: <alpine.OSX.2.21.1902271223230.16715@ary.local>
From: "John R. Levine" <johnl@iecc.com>
Reply-To: dbound@ietf.org
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: "art@ietf.org" <art@ietf.org>, "dnsop@ietf.org" <dnsop@ietf.org>, "dbound@ietf.org" <dbound@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dbound/NsKa5BznYF54HDi8nRGaBJqO6z8>

> new signatures), I myself only copped on that this could
> be of some use where the primary has DNSSEC but where the
> secondary doesn't, which is maybe interesting.

In that case, the primary can just publish pointers to the secondaries, 
and we're done.

The DKIM-like signatures have an odd model where the primary has enough 
control over its DNS to publish the validation key, and enough to give the 
secondaries signed records for their names they can publish that point 
back to that key, but not enough just to publish the secondaries' names 
directly.  I don't get it.

Regards,
John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly