Re: DNSSEC - Signature Only vs the MX/A issue.

Josh Littlefield <joshl@cisco.com> Wed, 29 November 2006 00:15 UTC

Message-ID: <456CAD59.8030501@cisco.com>
Date: Tue, 28 Nov 2006 16:42:49 -0500
From: Josh Littlefield <joshl@cisco.com>
Organization: Cisco Systems
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>
CC: namedroppers@ops.ietf.org
Subject: Re: DNSSEC - Signature Only vs the MX/A issue.
References: <20061127032712.CD1FE56890@shell-ng.nominum.com> <20061128135806.GA24695@nic.fr> <20061128203532.0DC4F56890@shell-ng.nominum.com> <20061128204758.GA20253@nic.fr>
In-Reply-To: <20061128204758.GA20253@nic.fr>

Stephane Bortzmeyer wrote:
> On Tue, Nov 28, 2006 at 03:13:50PM -0500,
>  Mike StJohns <Mike.StJohns@nominum.com> wrote 
>  a message of 25 lines which said:
> 
>> Not exactly.  See my previous note to Mark.  SO still protects the
>> atomicity of an RRSet - you can delete ALL of the SRV records or
>> none of them.  If you delete all of them at a label, the lookup
>> fails and you can't proceed.
> 
> See Peter Koch's reply :-) Many protocols define a fallback outside of
> the RRset. For instance, in
> http://mirrors.isc.org/pub/www.watersprings.org/pub/id/draft-andrews-http-srv-01.txt,
> there is a fallback from SRV to A.

Similarly, RFC 3263 defines fallback from NAPTR to SRV (at a different
but related name), followed by fallback to A and AAAA.

-- 
=====================================================================
Josh Littlefield                                  Cisco Systems, Inc.
joshl@cisco.com                             1414 Massachusetts Avenue
tel: 978-936-1379  fax: 978-936-2226       Boxborough, MA  01719-2205

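Added example, not part of the message above: a simplified Python model of the NAPTR -> SRV -> A fallback chain the message cites from RFC 3263, showing how each RRset that goes missing silently changes the selected target. The zone data, host names, and the `make_lookup`/`locate` helpers are constructed for illustration; SRV priority/weight and AAAA are omitted.

```python
# Simplified model of RFC 3263 server location: NAPTR -> SRV -> A.
# ZONE is constructed sample data (RFC 5737 addresses), not taken from the thread.
# SRV entries are reduced to (port, target); priority and weight are omitted.
ZONE = {
    ("example.com", "NAPTR"): [("SIPS+D2T", "_sips._tcp.example.com")],
    ("_sips._tcp.example.com", "SRV"): [(5061, "sips-gw.example.com")],
    ("_sip._udp.example.com", "SRV"): [(5060, "sip-gw.example.com")],
    ("sips-gw.example.com", "A"): ["192.0.2.10"],
    ("sip-gw.example.com", "A"): ["192.0.2.20"],
    ("example.com", "A"): ["192.0.2.99"],
}
TRANSPORT = {"SIP+D2U": "udp", "SIP+D2T": "tcp", "SIPS+D2T": "tls"}


def make_lookup(zone, missing=()):
    """Return a lookup function; RRsets listed in `missing` are withheld.

    Without authenticated denial the client sees the same empty result whether
    an RRset never existed or was removed from the response in transit.
    """
    def lookup(name, rtype):
        return [] if (name, rtype) in missing else zone.get((name, rtype), [])
    return lookup


def locate(domain, lookup):
    """Return (step_used, transport, host, port, addresses) for a SIP domain."""
    naptr = lookup(domain, "NAPTR")
    if naptr:
        step = "NAPTR"
        candidates = [(TRANSPORT[svc], srv_name) for svc, srv_name in naptr]
    else:
        # Fallback 1: no NAPTR RRset, so query the conventional SRV names.
        step = "SRV"
        candidates = [(t, f"_sip._{t}.{domain}") for t in ("udp", "tcp")]
    for transport, srv_name in candidates:
        for port, host in lookup(srv_name, "SRV"):
            return step, transport, host, port, lookup(host, "A")
    # Fallback 2: no SRV RRset either, so use the domain's own address records.
    return "A", "udp", domain, 5060, lookup(domain, "A")


if __name__ == "__main__":
    naptr = ("example.com", "NAPTR")
    srvs = [("_sip._udp.example.com", "SRV"), ("_sip._tcp.example.com", "SRV")]
    for missing in ((), (naptr,), (naptr, *srvs)):
        print(len(missing), "RRsets missing ->", locate("example.com", make_lookup(ZONE, missing)))
```

In this model, each whole RRset stays atomic, yet the client moves from the TLS gateway to the UDP gateway to the bare domain address as RRsets disappear, which is why the thread ties fallback rules to the need for authenticated denial.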