IETF Logo Mail Archive

[dnsext] FW: I-D Action: draft-ietf-dnsext-dnssec-algo-signal-04.txt

"Marc Lampo" <marc.lampo@eurid.eu> Tue, 13 March 2012 07:58 UTC

Return-Path: <marc.lampo@eurid.eu>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7071421F8876 for <dnsext@ietfa.amsl.com>; Tue, 13 Mar 2012 00:58:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.84
X-Spam-Level:
X-Spam-Status: No, score=-0.84 tagged_above=-999 required=5 tests=[AWL=0.310, BAYES_00=-2.599, MSGID_MULTIPLE_AT=1.449]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SwUf7U3aVjje for <dnsext@ietfa.amsl.com>; Tue, 13 Mar 2012 00:58:23 -0700 (PDT)
Received: from cuda.eurid.eu (cuda.eurid.eu [62.41.4.80]) by ietfa.amsl.com (Postfix) with ESMTP id DA46021F883B for <dnsext@ietf.org>; Tue, 13 Mar 2012 00:58:22 -0700 (PDT)
X-ASG-Debug-ID: 1331625499-02dadd0668262bf0001-uIE7UK
Received: from zimbra.eurid.eu (zcs-master.vt.eurid.eu [10.19.100.121]) by cuda.eurid.eu with ESMTP id gAnwtg4In6njd5nb for <dnsext@ietf.org>; Tue, 13 Mar 2012 08:58:19 +0100 (CET)
X-Barracuda-Envelope-From: marc.lampo@eurid.eu
X-ASG-Whitelist: Client
Received: from localhost (localhost.localdomain [127.0.0.1]) by zimbra.eurid.eu (Postfix) with ESMTP id D8C13E406F for <dnsext@ietf.org>; Tue, 13 Mar 2012 08:58:19 +0100 (CET)
X-Virus-Scanned: amavisd-new at techmail.eurid.eu
Received: from zimbra.eurid.eu ([127.0.0.1]) by localhost (zimbra.eurid.eu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mbg8DFSu0KcP for <dnsext@ietf.org>; Tue, 13 Mar 2012 08:58:19 +0100 (CET)
Received: from zimbra.eurid.eu (zimbra.eurid.eu [10.19.100.120]) by zimbra.eurid.eu (Postfix) with ESMTP id C4213E4050 for <dnsext@ietf.org>; Tue, 13 Mar 2012 08:58:19 +0100 (CET)
From: Marc Lampo <marc.lampo@eurid.eu>
To: dnsext@ietf.org
Date: Tue, 13 Mar 2012 08:58:19 +0100
X-ASG-Orig-Subj: FW: [dnsext] I-D Action: draft-ietf-dnsext-dnssec-algo-signal-04.txt
Message-ID: <016901cd00ef$0e09cf00$2a1d6d00$@lampo>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
X-Mailer: Zimbra 6.0.14_GA_2928 (ZimbraConnectorForOutlook/5.0.3064.18)
Thread-Index: Acz7tlEXRY5EuTLJQlOlwrinL3+ZSAAiQL0QASvgXsA=
Content-Language: en-za
x-antivirus-status: Clean
x-antivirus: avast!
X-Originating-IP: [172.20.5.51]
X-Barracuda-Connect: zcs-master.vt.eurid.eu[10.19.100.121]
X-Barracuda-Start-Time: 1331625499
X-Barracuda-URL: http://10.31.100.125:8000/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at eurid.eu
Subject: [dnsext] FW: I-D Action: draft-ietf-dnsext-dnssec-algo-signal-04.txt
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 07:58:23 -0000

(resend, not sure if my original email made it to the list ?)

-----Original Message-----
From: Marc Lampo [mailto:marc.lampo@eurid.eu]
Sent: 07 March 2012 09:55 AM
Cc: 'dnsext@ietf.org'
Subject: RE: [dnsext] I-D Action: 
draft-ietf-dnsext-dnssec-algo-signal-04.txt

Hello,

Suggestion.

In 6. Traffic Analysis Considerations

"... should monitor DNS query
   traffic and record the values of the DAU/DHU/N3U option(s) in
   queries. ..."

--> Suggest to add that also monitored are :
    - (number of) DNS Queries, with EDNS0 OPT record, but without any 
signalling done

Motivation :
The difference in number of queries with and without Algo-Signalling
shows how reliable the signalling information is.

Kind regards,

Marc Lampo
Security Officer
EURid (for .eu)


-----Original Message-----
From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
Sent: 06 March 2012 05:30 PM
To: i-d-announce@ietf.org
Cc: dnsext@ietf.org
Subject: [dnsext] I-D Action: draft-ietf-dnsext-dnssec-algo-signal-04.txt


A New Internet-Draft is available from the on-line Internet-Drafts 
directories. This draft is a work item of the DNS Extensions Working Group 
of the IETF.

	Title           : Signaling Cryptographic Algorithm Understanding in DNSSEC
	Author(s)       : Steve Crocker
                          Scott Rose
	Filename        : draft-ietf-dnsext-dnssec-algo-signal-04.txt
	Pages           : 8
	Date            : 2012-03-06

   The DNS Security Extensions (DNSSEC) were developed to provide origin
   authentication and integrity protection for DNS data by using digital
   signatures.  These digital signatures can be generated using
   different algorithms.  This draft sets out to specify a way for
   validating end-system resolvers to signal to a server which
   cryptographic algorithms and hash algorithms they support.



A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnssec-algo-signal-04.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-ietf-dnsext-dnssec-algo-signal-04.txt

v2.23.0 | Report a Bug | By Email