Re: [dhcwg] Trust model of Client FQDN option

Ted Lemon <mellon@nominum.com> Wed, 04 August 2004 19:49 UTC

From: Ted Lemon <mellon@nominum.com>
Subject: Re: [dhcwg] Trust model of Client FQDN option
Date: Wed, 04 Aug 2004 12:37:10 -0700
To: Bernie Volz <volz@cisco.com>
Cc: dhcwg@ietf.org

On Aug 4, 2004, at 11:18 AM, Bernie Volz wrote:
> And, we probably should add a 4th point ... If a DNS server allows dynamic
> DNS updates, it is the final authority of what it allows to be added,
> removed, or modified in a zone and should have properly configured policies
> to prohibit operations that are not intended. Simply assuming that any
> update from a trusted source (such as a DHCP server with a valid TSIG key)
> should be performed is likely not acceptable.

I would expect this to be a rather controversial statement, and I think
we should leave it out. It could be equally legitimately argued that
if you give some entity a key to update a zone, you are trusting that
entity not to do anything inappropriate with the key, and that if you
do not trust that entity, you should not have given it such a key.

I'm not saying either position is correct - they are both valid. So
asserting one over the other seems like a recipe for delay.


_______________________________________________
dhcwg mailing list
dhcwg@ietf.org
https://www1.ietf.org/mailman/listinfo/dhcwg
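The two positions in this exchange correspond to two ways of configuring a BIND 9 zone for a TSIG-authenticated DHCP server; the following is an added example, not configuration from the thread, and the key name, zone names, file names and secret are assumed placeholders.

```conf
// Shared TSIG key used by the DHCP server to sign its DNS updates.
// The secret below is a placeholder, not a real key.
key "dhcp-updater" {
    algorithm hmac-sha256;
    secret "PLACEHOLDER-BASE64-SECRET==";
};

// Position 1 (Ted): holding the key is the trust decision.
// allow-update accepts ANY add/delete/replace in the zone from a
// holder of the key, including records the DHCP server never needs
// (NS, MX, the zone apex, other hosts' records).
zone "example.com" {
    type master;
    file "db.example.com";
    allow-update { key "dhcp-updater"; };
};

// Position 2 (Bernie): the server is the final authority and enforces
// a policy. update-policy replaces allow-update (they are mutually
// exclusive) and rules are checked in order, first match wins.
// The DHCP server may only touch A, AAAA and DHCID records for names
// beneath the zone apex; everything else (NS, MX, SOA, the apex itself)
// is refused even though the update is correctly signed.
zone "example.com" {
    type master;
    file "db.example.com";
    update-policy {
        grant dhcp-updater subdomain example.com A AAAA DHCID;
    };
};

// The reverse zone gets the same treatment: the DHCP server may only
// maintain PTR records under the zone, nothing else.
zone "1.168.192.in-addr.arpa" {
    type master;
    file "db.192.168.1";
    update-policy {
        grant dhcp-updater subdomain 1.168.192.in-addr.arpa PTR;
    };
};
```

Deployments that predate the DHCID RR type carried the same conflict-detection data in TXT records, in which case TXT replaces DHCID in the grant rule.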