Re: [dbound] [DNSOP] Related Domains By DNS (RDBD) Draft

Paul Wouters <paul@nohats.ca> Wed, 27 February 2019 15:48 UTC

Date: Wed, 27 Feb 2019 10:48:27 -0500 (EST)
From: Paul Wouters <paul@nohats.ca>
To: "Brotman, Alexander" <Alexander_Brotman@comcast.com>
cc: "art@ietf.org" <art@ietf.org>, "dbound@ietf.org" <dbound@ietf.org>, "dnsop@ietf.org" <dnsop@ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dbound/iR4UtoLeDPYb7GBPgeNltRm6vWg>

On Wed, 27 Feb 2019, Paul Wouters wrote:

>>  https://datatracker.ietf.org/doc/draft-brotman-rdbd/
>
> I've read the draft, and I have my usual complaints.

I scanned this document a bit too fast, with an eye on parent-child
relationships and didn't fully realise this is about relating domains
at different parts in the DNS hierarchy altogether.

So now I do understand the format and use better. I'm not sure if the
DNS is the best place for this information, but it is not the worst
place either. So in that sense this proposal seems fine.

I do still have a concern that this is using its own signature schemes
embedded in the records instead of relying on DNSSEC. But I guess
that's just the world we live in now.

Paul