Re: nsid last call

Dean Anderson <dean@av8.com> Thu, 15 June 2006 03:33 UTC

Date: Wed, 14 Jun 2006 23:28:28 -0400
From: Dean Anderson <dean@av8.com>
To: Peter Koch <pk@DENIC.DE>
cc: IETF DNSEXT WG <namedroppers@ops.ietf.org>, Mark Townsley <townsley@cisco.com>
Subject: Re: nsid last call
In-Reply-To: <20060613142034.GJ1232@unknown.office.denic.de>
Message-ID: <Pine.LNX.4.44.0606142315180.31457-100000@citation2.av8.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk

On Tue, 13 Jun 2006, Peter Koch wrote:

> On Tue, Jun 13, 2006 at 03:18:10PM +0200, Olaf M.Kolkman wrote:
> 
> >      The syntax and semantics of the content of the NSID option is
> >      deliberately left outside the scope of this specification. It is
> >      the prerogative of the server administrator to choose the NSID
> >      content as long as the content is unique to each anycast instance
> >      so that a remote user is able to match the NSID to the server  
> > instance
> >      over a series of queries. The NSID can be opaque and encoded  
> 
> sorry to disagree, but in the Paris meeting and subsequently in
> <http://www.ops.ietf.org/lists/namedroppers/namedroppers.2005/msg01347.html>
> I explicitly asked to have this as dynamic as possible and neither were
> there any objections nor can I see much discussion, lest support for this
> 180 degree change. Please remove "as long as the content ... over a series
> of queries".

This change is what has been discussed recently. I don't see that as a very
great change, even though it may not be exactly what you wanted in Paris. I 
wasn't at Paris, so I don't know what was agreed there, but presumably review by 
a wider audience has its benefits....

Can you explain why this should be allowed to be changed on a per-packet basis?

It is actaully very dynamic as I worded it.

I can't see any good reason for there to be a secret as to how many anycast
instances there are, nor can I see any good reason that remote users shouldn't
be able to match the NSID to the server instance over a series of queries.

I think I would object to the 'each query unique secret' version, with some good
reasons for that.

		--Dean

> > such that it
> >      can be decoded by the server adminstrator to provide more  
> > information.
> >      This section describe some of the kinds of data that server  
> > administrators
> 
> [...]
> 
> The rest of the more verbose explanation is fine, though.
> 
> -Peter
> 
> --
> to unsubscribe send a message to namedroppers-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://ops.ietf.org/lists/namedroppers/>
> 
> 

-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000   

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

Re: nsid last call Dean Anderson
Re: nsid last call Alex Bligh
Re: nsid last call Dean Anderson
Re: nsid last call Dean Anderson
Re: nsid last call Andrew Sullivan
Re: nsid last call Dean Anderson
Re: nsid last call Edward Lewis
Re: nsid last call Alex Bligh
Re: nsid last call Dean Anderson
Re: nsid last call Dean Anderson
Re: nsid last call Andrew Sullivan
Re: nsid last call Alex Bligh
Re: nsid last call Edward Lewis
Re: nsid last call Andrew Sullivan
Re: nsid last call william(at)elan.net