Re: [dnsext] Clarifying the mandatory algorithm rules

Edward Lewis <Ed.Lewis@neustar.biz> Fri, 10 December 2010 20:26 UTC

At 10:08 +0100 12/10/10, Matthijs Mekking wrote:
>But you do make a good point here: A name server using more algorithms
>puts more work load on the validator. With that in mind, I am willing to
>say that a SHOULD should be there.

For the record, I'd put "could" and only that.

As in "a validator could check all of the signatures."  Doing more is 
deviating from the main purpose of DNS, that is quick, appropriate 
responses.

(Yes, I know "could" isn't an RFC 2119-defined term.)

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis
NeuStar                    You can leave a voice message at +1-571-434-5468

In going through my family medical history I recently realized I was
born with congenital amnesia.  I couldn't even remember my name at birth.