Re: [dnsext] Any interest in draft-latour-dnsoperator-to-rrr-protocol ?

Dave Lawrence <tale@dd.org> Tue, 16 February 2016 21:11 UTC

Return-Path: <tale@dd.org>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D4F91B2FD4 for <dnsext@ietfa.amsl.com>; Tue, 16 Feb 2016 13:11:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.008
X-Spam-Level:
X-Spam-Status: No, score=-0.008 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, RP_MATCHES_RCVD=-0.006, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9LJVPC_NSPZG for <dnsext@ietfa.amsl.com>; Tue, 16 Feb 2016 13:11:46 -0800 (PST)
Received: from gro.dd.org (gro.dd.org [207.136.192.136]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CFF931B2C4C for <dnsext@ietf.org>; Tue, 16 Feb 2016 13:11:39 -0800 (PST)
Received: by gro.dd.org (Postfix, from userid 102) id 2E6D23F432; Tue, 16 Feb 2016 16:11:38 -0500 (EST)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <22211.37002.133734.319655@gro.dd.org>
Date: Tue, 16 Feb 2016 16:11:38 -0500
From: Dave Lawrence <tale@dd.org>
To: John R Levine <johnl@taugh.com>
In-Reply-To: <alpine.OSX.2.11.1602131647580.39786@ary.lan>
References: <alpine.OSX.2.11.1602131647580.39786@ary.lan>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsext/n1jADsbGBI4vdFDYMOQ8MCKeTSU>
Cc: dnsext@ietf.org
Subject: Re: [dnsext] Any interest in draft-latour-dnsoperator-to-rrr-protocol ?
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsext/>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Feb 2016 21:11:48 -0000

John R Levine writes:
> I noticed the -02 of this draft go by yesterday.
> 
> It's a very rough version of a DNSSEC key record bootstrap design in which 
> the operator of the delegated zone pokes the operator of the upper level 
> zone using http, which tells the upper level zone to import keys from the 
> delegated zone's CDS and CDNSKEY records.
> 
> Is there much interest in this?

I'm not sure how measure "much", but yes there is interest from
third-party operators like Akamai and CloudFlare because we can't
provide end-to-end DNSSEC services without currently involving a
manual interaction between the customer and their registrar.