Re: [dns-privacy] Call for Adoption: draft-hal-adot-operational-considerations

Brian Dickson <> Wed, 28 August 2019 18:20 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4A55B12024E for <>; Wed, 28 Aug 2019 11:20:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id jLlDw6wVbwTD for <>; Wed, 28 Aug 2019 11:20:45 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::e2d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9352B120274 for <>; Wed, 28 Aug 2019 11:20:43 -0700 (PDT)
Received: by with SMTP id q16so645701vsm.2 for <>; Wed, 28 Aug 2019 11:20:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=c5RWzf4iPLmynzXoR0H1mRi+VpDMEUi1LtbZOMIpDik=; b=D2s3QnqdQCQ1xAxxem3dbn1tR2lDA1qDC3XEkN7zQm4vPFa2nCoGuVYtz71Cy9VRpj 5uUb+k5bV7B3tvq61tsju+UGxMfrG3+Xp4NTQtcYh0Gh5CeuS6yL4wUw+nIaKuHUBMk3 f9NXMztUHxpSCB67ZpcdzytzOf+MasOveRZoChVIwb8+AlP+e5HM7WrzUKkUZ4HEsN4X TZwj9GQAxoDYSDQ7BjL1VlJUFDcPq1BcecgxESkH0wAlIflHXzYf4SaPut9oQVf50J7s UG8/OFJMbRf7GuCQxiDGMxXRXKX5FiwBdcIO4g7Hn5D1MDRczR7C1XIMsoqU/z29q4Rv YJig==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=c5RWzf4iPLmynzXoR0H1mRi+VpDMEUi1LtbZOMIpDik=; b=UnBCxS8/BovzJohV3f9MvueaCSTkZhkf2dX0Q+2NxZhbtljLzwd6Ib+96L6nS2Yvs4 kAvjWiHtgUiEsihloXD9NvRwhngWiEM+AB3ASfI43TggApqHaX1aUjDVmc/hSMENeq4C THPjhLukFMeFln+IzE1nvxnSNQ7H/Ss5iWcryz1OC2F3Oe6j4wSU65l0KUFh0PkfeUab WQjsqm/D3j6qhNwGwf5vcuS7ZB/5LT4N5QnvBJzYabJcsiEk/b4+VtObZKiUfQA1wX/Z Fy2Fn/l0v6GeyYb6mRUJhSRlId2ECYJCvrFnFJBt3r84vPhd4Z+t1TuYlDdJfW8mORUF OlKQ==
X-Gm-Message-State: APjAAAXnxzZWEF3dZxxV7pZg/g5FhesXgPE9LTKRdcO78lrm6sNGfgfw YTxMpnRRLY/lAa3V0Gso4OHOYzlu6uXn6eZY0f8qBA==
X-Google-Smtp-Source: APXvYqzF1E/bJiikfuUAbySGnZE+BD5djwUQx5ruhS9zldLnMf5SgFUULeIeFnDxx7orgFJ7/bnxAezRfvrQDtjg1Ik=
X-Received: by 2002:a67:be0b:: with SMTP id x11mr3033158vsq.75.1567016442601; Wed, 28 Aug 2019 11:20:42 -0700 (PDT)
MIME-Version: 1.0
References: <>
In-Reply-To: <>
From: Brian Dickson <>
Date: Wed, 28 Aug 2019 11:20:30 -0700
Message-ID: <>
To: Brian Haberman <>
Content-Type: multipart/alternative; boundary="0000000000006b26580591317203"
Archived-At: <>
Subject: Re: [dns-privacy] Call for Adoption: draft-hal-adot-operational-considerations
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 28 Aug 2019 18:20:48 -0000

On Wed, Aug 14, 2019 at 1:40 PM Brian Haberman <>;

> This starts a Call for Adoption for
> draft-hal-adot-operational-considerations
> The draft is available here:
> Please review this draft to see if you think it is suitable for adoption
> by DPRIVE, and comment to the list, clearly stating your view.
I am in favor of adoption of this draft by DPRIVE.

My view is as follows:
- DNS is an ecosystem which by definition requires interoperability.
- Authority operators are a distinct subset of the participants in the DNS
- Authority operators of registered domains (as distinct from
delegation-only domains) have operational concerns (including scaling
issues and performance issues) that are appropriate to consider BEFORE the
development of ADoT itself.
- I.e. The draft should be input to the ADoT development process, similar
to a requirements document.
- Doing development of ADoT without this would be another example of IETF
"paper engineering", which while attractive to some participants, is very
harmful to reasonably mature ecosystems. (The "paper engineering" practice
is harmful even in green-field, IMHO.)
- Operational considerations != deployment guidelines. This is basically a
pre-emptive feedback to the standards design, based on known issues that
will affect any flavor of ADoT, no matter what it looks like.
- Deployment guidelines to operators would follow implementations, which
would follow standard development, which *should* take into consideration a
variety of factors, which this document covers.
- There is work to be done on the document, but it is a great start.

> Please also indicate if you are willing to contribute text, review, etc.

All of the above.

Brian Dickson
(Speaking for myself, but with the viewpoint of someone doing both
authority server operation and software development on authority server
software, intending to implement ADoT.)

> This call for adoption ends: 28 August 2019
> Thanks,
> Brian & Tim
> _______________________________________________
> dns-privacy mailing list