[dnsext] Any interest in draft-latour-dnsoperator-to-rrr-protocol ?

"John R Levine" <johnl@taugh.com> Sat, 13 February 2016 21:48 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsext/BLXZiQVtqur5H2TVOq7OApw4s6U>

I noticed the -02 of this draft go by yesterday.

It's a very rough version of a DNSSEC key record bootstrap design in which 
the operator of the delegated zone pokes the operator of the upper level 
zone using http, which tells the upper level zone to import keys from the 
delegated zone's CDS and CDNSKEY records.

Is there much interest in this?

On my tiny DNS server I have over 100 signed zones where I can't install 
the upper level DS records because I'm not the registrant, I'm just 
running their DNS.  It would be nice to have a way to do that that scales 
better than walking each of the registrants through their registrars' 
DNSSEC update processes.

R's,
John
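
The message above describes the upper level zone importing keys from the delegated zone's CDS and CDNSKEY records. As an added example, not part of the original message or of the draft, here is one consistency check a parent-side importer could run before accepting them: derive DS records from the CDNSKEY set (RFC 4034 key tag and SHA-256 digest) and compare them with the published CDS set. The owner name and key bytes are constructed sample values, the function names are hypothetical, and only digest type 2 is handled.

```python
import hashlib
import struct

def name_to_wire(name: str) -> bytes:
    """Canonical (lowercased) wire form of a domain name."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def dnskey_rdata(flags: int, protocol: int, algorithm: int, pubkey: bytes) -> bytes:
    """DNSKEY/CDNSKEY RDATA: flags (16 bit), protocol, algorithm, public key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + pubkey

def key_tag(rdata: bytes) -> int:
    """Key tag over the DNSKEY RDATA, as in RFC 4034 Appendix B."""
    acc = 0
    for i, b in enumerate(rdata):
        acc += (b << 8) if i % 2 == 0 else b
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF

def ds_from_dnskey(owner: str, rdata: bytes, algorithm: int) -> tuple:
    """(key tag, algorithm, digest type 2, hex SHA-256 of owner name + RDATA)."""
    digest = hashlib.sha256(name_to_wire(owner) + rdata).hexdigest()
    return (key_tag(rdata), algorithm, 2, digest)

def cds_matches_cdnskey(owner: str, cds_set, cdnskey_set) -> bool:
    """True only if the CDS set is exactly what the CDNSKEY set hashes to."""
    derived = set()
    for flags, protocol, alg, pubkey in cdnskey_set:
        # Reject anything that is not a zone key with protocol 3.
        if protocol != 3 or not flags & 0x0100:
            return False
        rdata = dnskey_rdata(flags, protocol, alg, pubkey)
        derived.add(ds_from_dnskey(owner, rdata, alg))
    published = {(tag, alg, dtype, d.lower()) for tag, alg, dtype, d in cds_set}
    # An empty set must never be treated as a match.
    return bool(derived) and derived == published

# Constructed sample data: not a real zone or a real key.
OWNER = "example.net"
SAMPLE_CDNSKEY = (257, 3, 13, bytes(range(64)))
SAMPLE_CDS = ds_from_dnskey(OWNER, dnskey_rdata(*SAMPLE_CDNSKEY), 13)

if __name__ == "__main__":
    print("key tag:", SAMPLE_CDS[0])
    print("consistent:", cds_matches_cdnskey(OWNER, [SAMPLE_CDS], [SAMPLE_CDNSKEY]))
    forged = (SAMPLE_CDS[0], 13, 2, "00" * 32)
    print("forged CDS accepted:", cds_matches_cdnskey(OWNER, [forged], [SAMPLE_CDNSKEY]))
```

A match only shows that the two record sets agree with each other; the importer still has to decide whether it trusts the answers that carried them.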