Re: [dns-privacy] I-D Action: draft-ietf-dprive-dnsodtls-05.txt

Stephane Bortzmeyer <bortzmeyer@nic.fr> Wed, 16 March 2016 13:36 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/dns-privacy/2q3Gk_jRVf-8XXLhTvQEsbOTDPs>

On Wed, Mar 16, 2016 at 04:54:33AM +0000,
 Tirumaleswar Reddy (tireddy) <tireddy@cisco.com> wrote 
 a message of 64 lines which said:

> This revision addresses comments from Stephane.

Yes, I like the new text in the Security Considerations. But I'm not
completely happy with the changes.

1) There is now no mention of ICMP. I understand why: ICMP is not
authenticated, but I can hear the IESG asking "What should the client do
when receiving ICMP errors?"

2) You now demultiplex by "Query ID, Query type and Query class". What
about the QNAME? It seems more important than the class...