Re: [dnsdir] Dnsdir last call review of draft-ietf-opsawg-add-encrypted-dns-07

mohamed.boucadair@orange.com Wed, 11 January 2023 13:35 UTC


Hi Ralf, 

Thank you for the review. 

Please see inline. 

Cheers,
Med

> -----Original Message-----
> From: Ralf Weber via Datatracker <noreply@ietf.org>
> Sent: Wednesday, 11 January 2023 13:14
> To: dnsdir@ietf.org
> Cc: draft-ietf-opsawg-add-encrypted-dns.all@ietf.org; last-call@ietf.org; opsawg@ietf.org
> Subject: Dnsdir last call review of draft-ietf-opsawg-add-encrypted-dns-07
> 
> Reviewer: Ralf Weber
> Review result: Ready with Nits
> 
> Moin!
> 
> I'm the assigned reviewer of the DNS Directorate for this draft.
> Given that the add working group defines drafts for getting
> encrypted DNS resolver settings to clients I was initially
> surprised to see this draft coming from ops area to the DNS
> directorate for review.
> 
> However, looking into it while reviewing, this has become clear,
> as the attributes defined by the add DNR draft are just one user of
> the specification of this draft. The draft uses existing
> specifications on interactions between DHCP and Radius and adds
> DNR as one use case. As such, while the draft was started with, and
> explains, this use case and does so fine, there is not much for the
> DNS directorate to review.
> 

[Med] FWIW, the WGLC was also shared with ADD, RADEXT, and DHC. This is a cross-area effort :-) 

> I see this draft as ready with the following nits:
> - The table of attributes under 7 Table of attributes only has
> two values which both start with 0. As the main distinction is
> that attributes MUST NOT appear when 0 is there and MAY appear
> when 0+ is defined, making this boolean with e.g. Y/N seems easier
> to understand IMHO.

[Med] This is a well-established RADIUS nomenclature. We prefer to maintain it. Thanks.


> - In 8.1 New Radius Attributes the table is
> called "Table 1: Encrypted DNS RADIUS Attributes", while the table
> describes generic DHCP Options attributes. The table name should
> reflect that.
> 

[Med] Good catch. Fixed.  

> So long
> -Ralf
> 
> 

