Re: [dns-privacy] Robert Wilton's No Objection on draft-ietf-dprive-xfr-over-tls-11: (with COMMENT)

Sara Dickinson <sara@sinodun.com> Thu, 06 May 2021 11:58 UTC

From: Sara Dickinson <sara@sinodun.com>
In-Reply-To: <162029258799.4438.17810066446598908741@ietfa.amsl.com>
Date: Thu, 06 May 2021 12:58:25 +0100
Cc: The IESG <iesg@ietf.org>, draft-ietf-dprive-xfr-over-tls@ietf.org, dprive-chairs@ietf.org, dns-privacy@ietf.org, tjw.ietf@gmail.com
Message-Id: <BD583019-493F-4D4A-B69B-C6CDE79993DF@sinodun.com>
References: <162029258799.4438.17810066446598908741@ietfa.amsl.com>
To: Robert Wilton <rwilton@cisco.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/f51kDbyMF030_ajn4M2WIV0ITNs>
Subject: Re: [dns-privacy] Robert Wilton's No Objection on draft-ietf-dprive-xfr-over-tls-11: (with COMMENT)


> On 6 May 2021, at 10:16, Robert Wilton via Datatracker <noreply@ietf.org> wrote:
> 
> Robert Wilton has entered the following ballot position for
> draft-ietf-dprive-xfr-over-tls-11: No Objection
> 
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-dprive-xfr-over-tls/
> 
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> Hi,
> 
> Thank you for this document.
> 
> I was surprised by the length of this document - i.e., 40 pages to say to use
> TLS rather than TCP, and noting that DoH is only 20 pages long!
> 
> But in reality, this document seems to be more than just zone transfers over
> TLS and seems to clarify/optimize various behavior related to using TCP
> connection handling.

Indeed - it started out at about half this length and then grew, particularly when the updates to the earlier specifications were added!

> 
> I have a few concrete suggestions that you are at liberty to handle as you see
> fit:
> 
> (1) Please ensure that the abstract accurately summarizes the focus of the
> document, with a sentence or two summarizing the updates to RFC1995, RFC5936
> and RFC7766.

Picked up in other reviews - I have suggested: 

"Additionally, this specification updates RFC1995 and RFC5936 with respect to efficient use of TCP connections, and RFC7766 with respect to the recommended number of connections between a client and server for each transport."

> 
> (2) I presume that section 21.3 is intended to be deleted (since the references
> appear to only be from section 16 which is planned to be removed), if so adding
> a RFC editor note would be helpful.

Correct - will add text. 

> 
> (3) It wasn't clear to me whether the text in the appendix is meant to be
> normative or illustrative.   It might be helpful to be clear which it is meant
> to be.

A good point - it is meant to be illustrative - I’ll add text to clarify. 

Many thanks!

Sara.