Re: [dns-privacy] Call for Adoption: draft-hal-adot-operational-considerations
"Henderson, Karl" <khenderson@verisign.com> Thu, 15 August 2019 15:14 UTC
From: "Henderson, Karl" <khenderson@verisign.com>
To: "stephen.farrell@cs.tcd.ie" <stephen.farrell@cs.tcd.ie>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Date: Thu, 15 Aug 2019 15:14:40 +0000
Message-ID: <D3D57DA0-5DD4-4147-9DA7-7DED3CA5B5E3@verisign.com>
References: <85A54534-137F-433C-B0BB-C8F6278E1FF0@verisign.com> <73f3cb03-db3b-98da-f264-d638f1091e6c@cs.tcd.ie>
In-Reply-To: <73f3cb03-db3b-98da-f264-d638f1091e6c@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/X3WWPPpWHLz1IvSuP-pAi3nOhjg>

Hi Stephen,

The intent is to be both descriptive (outlining the problem space and things that need to be considered for robust deployment) and prescriptive in areas we feel are necessary (i.e. TLS 1.3 SHOULD be preferred over TLS 1.2...). This is in line with the other RFCs noted earlier (RFC2541 and RFC4472). We will include research/analysis results and steps as they become available.

Thanks,
Karl

On 8/15/19, 9:24 AM, "Stephen Farrell" <stephen.farrell@cs.tcd.ie> wrote:

    Hi Karl,

    On 15/08/2019 14:07, Henderson, Karl wrote:
    > Stephen,
    >
    > Thanks for your thorough and thoughtful review.
    >
    > To answer question #0, we are aiming for RFC with Informational
    > category. This is in line with other operational considerations such
    > as RFC2541->RFC6781 and RFC4472.

    Ok, so the eventual aim is to document the results of the
    analysis as those affect how one might deploy ADOT sensibly?
    (But not to document all the steps in the analysis that lead
    to those results?)

    If so, that could make sense yes. Might be early to start
    though and the current text doesn't really do that, but is
    (I think) for now more describing the analyses you think
    need doing. Is that about right?

    And to be clear: I think ending up with such a document is
    a fine plan if it also provides guidance on how to achieve
    the aimed-for privacy benefits. My concern is more that it
    may be hard (and ultimately unnecessary) to try get WG
    consensus on text that describes the work to be done
    (which'll likely include experiments for which in the end
    there's no need to report) rather than the results after
    the work is done.

    Cheers,
    S.

    >
    > I will discuss your other questions and suggestion for a non-operator
    > author with my co-authors.
    >
    > Regards, Karl
    >
    >
    > _______________________________________________
    > dns-privacy mailing list
    > dns-privacy@ietf.org
    > https://www.ietf.org/mailman/listinfo/dns-privacy
    >