Re: [dnsext] CAA RRTYPE review - Comments period end Mar 11th

Samuel Weiler <> Thu, 10 March 2011 12:56 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 946863A699A for <>; Thu, 10 Mar 2011 04:56:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id fp2-yiHACpsB for <>; Thu, 10 Mar 2011 04:56:39 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 49FCC3A6924 for <>; Thu, 10 Mar 2011 04:56:35 -0800 (PST)
Received: from ( []) by (8.14.4/8.14.4) with ESMTP id p2ACt82h063378; Thu, 10 Mar 2011 07:55:08 -0500 (EST) (envelope-from
Received: from localhost (weiler@localhost) by (8.14.4/8.14.4/Submit) with ESMTP id p2ACt80l063375; Thu, 10 Mar 2011 07:55:08 -0500 (EST) (envelope-from
X-Authentication-Warning: weiler owned process doing -bs
Date: Thu, 10 Mar 2011 07:55:08 -0500
From: Samuel Weiler <>
To: Frederico A C Neves <>
In-Reply-To: <>
Message-ID: <>
References: <>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format="flowed"; charset="US-ASCII"
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.3 ( []); Thu, 10 Mar 2011 07:55:08 -0500 (EST)
Subject: Re: [dnsext] CAA RRTYPE review - Comments period end Mar 11th
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DNS Extensions working group discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 10 Mar 2011 12:56:40 -0000

The presentation format definition says:
    flags  Is an unsigned integer between 0 and 15.

But the flags field on the wire is a full octet, and bit 0 is defined. 
Should the presentation format allow 0-255, instead?

>  H.    Does the requested RRTYPE make use of any existing IANA
>        Registry or require the creation of a new IANA sub-registry in
>        DNS Parameters?
> Yes, the following registry assignment is requested.
> 5.2.  Certification Authority Authorization Properties
>  IANA [is requested to create] the Certification Authority
> Authorization Properties registry with the following initial values:
>  Addition of tag identifiers requires a public specification and
>  expert review as set out in RFC5395 [RFC5395]

Is it really appropriate to allow a template to create IANA 
registries?  It does seem odd to me that a template can create an IANA 
registry when the i-d it cites can't itself create a registry until 
published as an RFC.  Perhaps IANA should comment on that.

In any case, the cite to 5395 suggests that this is attempting to 
reuse the DNS RRTYPE expert pool for this registry, which seems odd. 
It also doesn't define the criteria an expert should use.  I suggest 
the proponents of this look at RFC5226 and specific their own 
criteria, perhaps with their own expert.

It might be appropriate to skip the IANA registry for the moment. 
Resubmit the specificcation with no IANA registry ("here are the two 
values") and only create the registry in the RFC.

Which brings us to the discussion on the list yesterday: the template 
should really be citing a particular version of the spec.  It hardly 
seems fair to ask the expert to approve an RRTYPE based on a reference 
to a changing document.

-- Sam