Re: [dnsext] DTLS alternative to DNS-Curve

Joe Abley <jabley@hopcount.ca> Thu, 16 September 2010 23:40 UTC

From: Joe Abley <jabley@hopcount.ca>
In-Reply-To: <02A6011E-033F-40E6-B937-49A56F6D48D1@icsi.berkeley.edu>
Date: Thu, 16 Sep 2010 19:33:36 -0400
Cc: Phillip Hallam-Baker <hallam@gmail.com>, Tony Finch <dot@dotat.at>, namedroppers <namedroppers@ops.ietf.org>
Message-Id: <61C4AE93-1540-4234-8AE5-B8E1BFFAD2A7@hopcount.ca>
References: <AANLkTin2xY+cAck+3sWcn8hibDrZbXLzttznGM9sRQz+@mail.gmail.com> <alpine.LSU.2.00.1009161925200.31356@hermes-2.csi.cam.ac.uk> <AANLkTikEq8KVQxzAo3e_RJOWbYvVGrXjLnVCooFs3H=q@mail.gmail.com> <alpine.LSU.2.00.1009162003370.31356@hermes-2.csi.cam.ac.uk> <AANLkTimD=Mcx-COzENWWd1GeESCW8hW189uRJE6eDanB@mail.gmail.com> <02A6011E-033F-40E6-B937-49A56F6D48D1@icsi.berkeley.edu>
To: Nicholas Weaver <nweaver@ICSI.Berkeley.EDU>
List-Archive: <http://ops.ietf.org/lists/namedroppers/>

On 2010-09-16, at 17:18, Nicholas Weaver wrote:

> Overall, this suggests the following:
> 
> New RTYPEs can be used, but reluctantly.

To me what you described is actually an argument to promote the use of new RTYPEs, not to discourage it.

Not seeing widespread use of new RTYPEs in the wild is presumably what led to the entrenched belief that it's reasonable to filter on RTYPE in middleboxes. The way to stamp out this thinking is to reverse the trend.


Joe