IETF Logo Mail Archive

Re: [dnsext] FW: I-D Action: draft-ietf-dnsext-dnssec-algo-signal-04.txt

Scott Rose <scottr.nist@gmail.com> Tue, 13 March 2012 14:24 UTC

Return-Path: <scottr.nist@gmail.com>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F375C21F8824 for <dnsext@ietfa.amsl.com>; Tue, 13 Mar 2012 07:24:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.483
X-Spam-Level:
X-Spam-Status: No, score=-6.483 tagged_above=-999 required=5 tests=[AWL=0.116, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SVrPLP9KdVcB for <dnsext@ietfa.amsl.com>; Tue, 13 Mar 2012 07:24:30 -0700 (PDT)
Received: from smtp.nist.gov (rimp2.nist.gov [129.6.16.227]) by ietfa.amsl.com (Postfix) with ESMTP id 094ED21F881F for <dnsext@ietf.org>; Tue, 13 Mar 2012 07:24:29 -0700 (PDT)
Received: from 107-140.antd.nist.gov (107-140.antd.nist.gov [129.6.140.107]) by smtp.nist.gov (8.13.1/8.13.1) with ESMTP id q2DEMjkv007258; Tue, 13 Mar 2012 10:22:46 -0400
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Scott Rose <scottr.nist@gmail.com>
In-Reply-To: <4f5efe2f.42c52a0a.3569.ffff81a7SMTPIN_ADDED@mx.google.com>
Date: Tue, 13 Mar 2012 10:22:45 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <DE24710B-DA29-4B92-A289-EEEBAAC4860D@gmail.com>
References: <4f5efe2f.42c52a0a.3569.ffff81a7SMTPIN_ADDED@mx.google.com>
To: Marc Lampo <marc.lampo@eurid.eu>
X-Mailer: Apple Mail (2.1084)
X-NIST-MailScanner: Found to be clean
X-NIST-MailScanner-From: scottr.nist@gmail.com
Cc: dnsext@ietf.org
Subject: Re: [dnsext] FW: I-D Action: draft-ietf-dnsext-dnssec-algo-signal-04.txt
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2012 14:24:31 -0000

Marc,
Ok,  Section 6 needs a revision and I will include your comment.

Thanks for the review,
Scott


On Mar 13, 2012, at 3:58 AM, Marc Lampo wrote:

> (resend, not sure if my original email made it to the list ?)
> 
> -----Original Message-----
> From: Marc Lampo [mailto:marc.lampo@eurid.eu]
> Sent: 07 March 2012 09:55 AM
> Cc: 'dnsext@ietf.org'
> Subject: RE: [dnsext] I-D Action: 
> draft-ietf-dnsext-dnssec-algo-signal-04.txt
> 
> Hello,
> 
> Suggestion.
> 
> In 6. Traffic Analysis Considerations
> 
> "... should monitor DNS query
>   traffic and record the values of the DAU/DHU/N3U option(s) in
>   queries. ..."
> 
> --> Suggest to add that also monitored are :
>    - (number of) DNS Queries, with EDNS0 OPT record, but without any 
> signalling done
> 
> Motivation :
> The difference in number of queries with and without Algo-Signalling
> shows how reliable the signalling information is.
> 
> Kind regards,
> 
> Marc Lampo
> Security Officer
> EURid (for .eu)
> 
> 
> -----Original Message-----
> From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
> Sent: 06 March 2012 05:30 PM
> To: i-d-announce@ietf.org
> Cc: dnsext@ietf.org
> Subject: [dnsext] I-D Action: draft-ietf-dnsext-dnssec-algo-signal-04.txt
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts 
> directories. This draft is a work item of the DNS Extensions Working Group 
> of the IETF.
> 
> 	Title           : Signaling Cryptographic Algorithm Understanding in DNSSEC
> 	Author(s)       : Steve Crocker
>                          Scott Rose
> 	Filename        : draft-ietf-dnsext-dnssec-algo-signal-04.txt
> 	Pages           : 8
> 	Date            : 2012-03-06
> 
>   The DNS Security Extensions (DNSSEC) were developed to provide origin
>   authentication and integrity protection for DNS data by using digital
>   signatures.  These digital signatures can be generated using
>   different algorithms.  This draft sets out to specify a way for
>   validating end-system resolvers to signal to a server which
>   cryptographic algorithms and hash algorithms they support.
> 
> 
> 
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnssec-algo-signal-04.txt
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> This Internet-Draft can be retrieved at:
> ftp://ftp.ietf.org/internet-drafts/draft-ietf-dnsext-dnssec-algo-signal-04.txt
> 
> 
> _______________________________________________
> dnsext mailing list
> dnsext@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsext

v2.23.0 | Report a Bug | By Email