Re: [dns-privacy] Call for Adoption: draft-hal-adot-operational-considerations

"Henderson, Karl" <khenderson@verisign.com> Thu, 15 August 2019 15:14 UTC

From: "Henderson, Karl" <khenderson@verisign.com>
To: "stephen.farrell@cs.tcd.ie" <stephen.farrell@cs.tcd.ie>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Date: Thu, 15 Aug 2019 15:14:40 +0000
Message-ID: <D3D57DA0-5DD4-4147-9DA7-7DED3CA5B5E3@verisign.com>
References: <85A54534-137F-433C-B0BB-C8F6278E1FF0@verisign.com> <73f3cb03-db3b-98da-f264-d638f1091e6c@cs.tcd.ie>
In-Reply-To: <73f3cb03-db3b-98da-f264-d638f1091e6c@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/X3WWPPpWHLz1IvSuP-pAi3nOhjg>

Hi Stephen,

The intent is to be both descriptive (outlining the problem space and things that need to be considered for robust deployment) and prescriptive in areas we feel are necessary (i.e. TLS 1.3 SHOULD be preferred over TLS 1.2...). This is in line with the other RFCs noted earlier (RFC2541 and RFC4472). 

We will include research/analysis results and steps as they become available. 

Thanks,
Karl

On 8/15/19, 9:24 AM, "Stephen Farrell" <stephen.farrell@cs.tcd.ie> wrote:

    
    Hi Karl,
    
    On 15/08/2019 14:07, Henderson, Karl wrote:
    > Stephen,
    > 
    > Thanks for your thorough and thoughtful review.
    > 
    > To answer question #0, we are aiming for RFC with Informational
    > category. This is in line with other operational considerations such
    > as RFC2541->RFC6781 and RFC4472.
    
    Ok, so the eventual aim is to document the results
    of the analysis as those affect how one might deploy
    ADOT sensibly? (But not to document all the steps
    in the analysis that lead to those results?)
    
    If so, that could make sense yes. Might be early
    to start though and the current text doesn't really
    do that, but is (I think) for now more describing
    the analyses you think need doing.
    
    Is that about right?
    
    And to be clear: I think ending up with such a
    document is a fine plan if it also provides
    guidance on how to achieve the aimed-for privacy
    benefits. My concern is more that it may be hard
    (and ultimately unnecessary) to try get WG consensus
    on text that describes the work to be done (which'll
    likely include experiments for which in the end
    there's no need to report) rather than the results
    after the work is done.
    
    Cheers,
    S.
    
    > 
    > I will discuss your other questions and suggestion for a non-operator
    > author with my co-authors.
    > 
    > Regards, Karl