IETF Logo Mail Archive

[dnsext] Re: [Editorial Errata Reported] RFC4035 (7972)

Ted Hardie <ted.ietf@gmail.com> Thu, 06 June 2024 07:44 UTC

Return-Path: <ted.ietf@gmail.com>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 245A2C180B5C for <dnsext@ietfa.amsl.com>; Thu, 6 Jun 2024 00:44:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 61vQBaniv5mn for <dnsext@ietfa.amsl.com>; Thu, 6 Jun 2024 00:44:09 -0700 (PDT)
Received: from mail-ed1-x52d.google.com (mail-ed1-x52d.google.com [IPv6:2a00:1450:4864:20::52d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 70286C1654EB for <dnsext@ietf.org>; Thu, 6 Jun 2024 00:44:09 -0700 (PDT)
Received: by mail-ed1-x52d.google.com with SMTP id 4fb4d7f45d1cf-57a50ac2ca1so720782a12.0 for <dnsext@ietf.org>; Thu, 06 Jun 2024 00:44:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1717659848; x=1718264648; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=TSaQI3xvarXKTw82yTCYE5BOaC0xY8+qT0pFUBAqFok=; b=cl4Wa2y5BMJ3a0kuM3Jm+Ch261Fy8iI08SU0kqU2MKTUU6+IGWhlHZcxtI+0qR9zev 1Iv3kvh4oP2R+h2WQ5y1cTd4JRGMcEFWk9FQJNF8VOgpQCdPwdo4HfNatTt8ARrdDO6G sT7xVwJBw+Ej9qJb4DwjF3RSiVhD1WMa/kiMTnd4tSaA3cxCdIKKgXWwu6ynZBoPzkpI 3ucrzrMR69RzagQ70doKGp95MZrgNqxREQ2IdwvPaYhnS7oSSccvPKRSUtMDw/UtUlsp Uc96/ZTJXSdahRf5dUeF71WsEXriZXMsZbp0ErqT7osbDryxFyn/c69HexLAgNg6XhIH dGtg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1717659848; x=1718264648; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=TSaQI3xvarXKTw82yTCYE5BOaC0xY8+qT0pFUBAqFok=; b=JsGYYuFULc/ms7B+dLPfQgeFYbiiJad0clQdFqA7u5TvJNLLBvJLSweuw3AQg3CgCp m8mW216QKbOHGSCxiVOkXRIWvymL3tNjpFnbP8pxufzQZBSurDsv5asfzA6KlfULTW7G +s3kTbwYMbx6SNXKtY/8nl2gUSR7nj2HJ1uNmPiJANFhWZM8uTuSULNSCor1HNdZnPDP BvaywxKmP5k1q0Y2R/enQksfkpBH+PPX5iQiN1frKf3j94cmGMzRD8A5nAV9Xxl/c4hH RBVDVnHiGxxSRajNG9HGt/TA8HrHI7B+MuKDfdZ4BsNtTttPDvIEIdtXEEShgb7V2zQx Y3cQ==
X-Forwarded-Encrypted: i=1; AJvYcCWDTZZq70KEl5DkvGD9/pedLiIrhhe2v6IHK0Vb3bpwcZWigSVTVhdwQvr+xbmILM3TyYlePkPNoUd7B5N07K4=
X-Gm-Message-State: AOJu0YwPpZIJ1sdOhhPN423jaETqlpMvn2d/qVUm/KbepwKlKVBGklgR dnYAZrz61veOjn27ePw5m5KGNbHtwMklWQGZV+cUOD794dRMVqHj9i2RLjXHCkmsKa0JasM09jF T3h/hgZBW3u/Nx5An8edpfxkoTWA=
X-Google-Smtp-Source: AGHT+IGxkd+N3JPE+HTcniOZpVGHeeW5bHayzXvPV6h1eGFW8QfA9EN5G0LzdSPi5xdlOTtjCAe3+8AjqdX214snKxM=
X-Received: by 2002:a50:d7dc:0:b0:578:5aef:23e3 with SMTP id 4fb4d7f45d1cf-57a8b6c775dmr2801965a12.21.1717659847489; Thu, 06 Jun 2024 00:44:07 -0700 (PDT)
MIME-Version: 1.0
References: <20240606023706.9A985C000063@rfcpa.rfc-editor.org> <20240606030200.293F557A1964@orthanc.hactrn.net>
In-Reply-To: <20240606030200.293F557A1964@orthanc.hactrn.net>
From: Ted Hardie <ted.ietf@gmail.com>
Date: Thu, 06 Jun 2024 08:43:40 +0100
Message-ID: <CA+9kkMDQ_ktdtkp9uWY_JSzXZdfcsS2+eqq=PyLYB9NKuQdCCA@mail.gmail.com>
To: Rob Austein <sra@hactrn.net>
Content-Type: multipart/alternative; boundary="0000000000000e026c061a33d9b5"
Message-ID-Hash: EHAXPIVYKEF3HYB3KNLJKLOK4UGXFDP6
X-Message-ID-Hash: EHAXPIVYKEF3HYB3KNLJKLOK4UGXFDP6
X-MailFrom: ted.ietf@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dnsext.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: RFC Errata System <rfc-editor@rfc-editor.org>, nate@natechoe.dev, roy.arends@telin.nl, sra@isc.org, mlarson@verisign.com, massey@cs.colostate.edu, scott.rose@nist.gov, dnsext@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [dnsext] Re: [Editorial Errata Reported] RFC4035 (7972)
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsext/nJaUw8K8QdmOb8PR3XSzixU8Cu8>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsext>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Owner: <mailto:dnsext-owner@ietf.org>
List-Post: <mailto:dnsext@ietf.org>
List-Subscribe: <mailto:dnsext-join@ietf.org>
List-Unsubscribe: <mailto:dnsext-leave@ietf.org>

I agree with Rob's reasoning here.  Rewording it to something like "ought
to be aware" would be a way around this confusion, but I don't think the
current erratum is correct.  I also don't think there's a lot of evidence
of implementer confusion on this, so I would not be in a hurry to file an
erratum with "ought to be aware" as the suggested text, either.

Just my personal opinion, of course.

Ted

On Thu, Jun 6, 2024 at 4:02 AM Rob Austein <sra@hactrn.net> wrote:

> > Type: Editorial
> > Reported by: Nate Choe <nate@natechoe.dev>
> >
> > Section: 4.2
> >
> > Original Text
> > -------------
> >    Security-aware resolvers MAY query for missing security RRs in an
> >    attempt to perform validation; implementations that choose to do so
> >    must be aware that the answers received may not be sufficient to
> >    validate the original response.  For example, a zone update may have
> >    changed (or deleted) the desired information between the original and
> >    follow-up queries.
> >
> > Corrected Text
> > --------------
> >    Security-aware resolvers MAY query for missing security RRs in an
> >    attempt to perform validation; implementations that choose to do so
> >    MUST be aware that the answers received may not be sufficient to
> >    validate the original response.  For example, a zone update may have
> >    changed (or deleted) the desired information between the original and
> >    follow-up queries.
> >
> > Notes
> > -----
> > "MUST" is a key word according to RFC 2119/BCP 14 and should be
> capitalized.
>
> Well, it's been nearly twenty years, and I don't feel terribly
> strongly about this, but since Nate raised the point:
>
> I think I disagree.  "MUST" is keyword, "must" is not.  It probably
> would have been advisable to avoid the non-keyword "must" due to the
> risk of this confusion, but "MUST be aware" does not seem actionable
> to me, nor does it seem likely to be what the author of the original
> text (who may or may not have been me) intended.
>
> So I would reject this erratum, but as noted above, I don't feel
> strongly about this, and will not stand in the way if the (long
> disbanded) WG or my co-editors (most of whose contact information has
> probably changed by now) agree with Nate.
>
> _______________________________________________
> dnsext mailing list -- dnsext@ietf.org
> To unsubscribe send an email to dnsext-leave@ietf.org
>

v2.46.0 | Report a Bug | By Email | System Status