IETF Logo Mail Archive

Re: [DNSOP] KSK-Sentinel -- "Walkin' on the SUN"?

Matthew Pounsett <matt@conundrum.com> Tue, 15 May 2018 16:39 UTC

Return-Path: <matt@conundrum.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E76DB12EACB for <dnsop@ietfa.amsl.com>; Tue, 15 May 2018 09:39:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.608
X-Spam-Level:
X-Spam-Status: No, score=-2.608 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, T_DKIMWL_WL_MED=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=conundrum-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yz_LrzHQGR-U for <dnsop@ietfa.amsl.com>; Tue, 15 May 2018 09:39:36 -0700 (PDT)
Received: from mail-it0-x235.google.com (mail-it0-x235.google.com [IPv6:2607:f8b0:4001:c0b::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE90812EAA5 for <dnsop@ietf.org>; Tue, 15 May 2018 09:39:35 -0700 (PDT)
Received: by mail-it0-x235.google.com with SMTP id y189-v6so3105469itb.2 for <dnsop@ietf.org>; Tue, 15 May 2018 09:39:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=conundrum-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=04PlZsQRC+kwdoUbYPsL9u1fE7VkpTF8FhqW9UnYri8=; b=gMFAXeJVLc6C8YnRV7gUh4GjvNNhi99OJAvT+M7AeHj9XgsVLIHoXYQSS0gZ5H5O2h DE7amn4gQhi5gBZ2FfMBO3l4L2nXB2WRrv/V4nsectGVtzNO/KdlnsbiQwRyYC6wYNCL W69coiIcubm4wWFWouqj2ZDI0mJEPQUAsOHBhy7w51JFCsg4Uyt7cfS2tgTXgrExNeYS jrxMZd6FxnzOn45ClEpvF7pj1zBeHa2/cCPQcZLb0r8Qr5hVfMXm93iptf2vyv7LA+iA PxVCf6lvo1Han+L8/y6AHKopuqTU1Umidbc/R9++ipyI0/cSDsPADqX3AvEKM9pwcFIF B+ng==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=04PlZsQRC+kwdoUbYPsL9u1fE7VkpTF8FhqW9UnYri8=; b=Q/UooFv126Qs0cBmRtgUx6Se3EsJs0XgUFMvQ9x90ccGZjrYS75lTvZZX0UJ752w8j dKc+L+0AzVavs6mBmA0LzvybxEnSKp3YLLRmPiGcYJYysl0KXL5/ok2XjV19kfyJK/u7 YJo5cCEkZ+7g1g9XoohnboECptmKodHNigzN7spTh/iQitVYtLYJ/lOSFaoLlJo5xN67 QPQBlTLzvTveI4na5cAMgPKT/bBw3tPDWTszDITqXIl42YISTaGnaWNAFUbPenK0VsVt QZ1JlqC8PCz51DiA4CnjddBwphb9O+l/+d3jGW1GZ4yfriiW8N9/0xGZWdPL7s2jHW8P ty0w==
X-Gm-Message-State: ALKqPwdGXEKDJA3iQycrril37ITIHCs6HE6YzvOu1oVGiyoTsVkXAUQD 0M8JKjDqRjGZKgSM6Zw6Ipl7JO4YhpXBkKmYEgh0OA==
X-Google-Smtp-Source: AB8JxZok//L4v5znNjUYSX/8aZ4b6Kn67yV+kfaJH19H/Cx+2POlbVFvR4lqM2xoLTRSA9j4oyM/lcIK6Y9b+lIUK3I=
X-Received: by 2002:a6b:2ee4:: with SMTP id u97-v6mr17127450iou.121.1526402375245; Tue, 15 May 2018 09:39:35 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a02:5ccd:0:0:0:0:0 with HTTP; Tue, 15 May 2018 09:39:34 -0700 (PDT)
In-Reply-To: <alpine.DEB.2.11.1805151732070.1809@grey.csi.cam.ac.uk>
References: <CAHw9_iKPTT686F8piMGJG=ESnioaunJDTKurabvMA6NucqvBow@mail.gmail.com> <alpine.DEB.2.11.1805151043220.1809@grey.csi.cam.ac.uk> <CAPt1N1=ussiww-a_tGJyUxgf7HCGTx-9LCyENSzmjWGP1D=ysQ@mail.gmail.com> <alpine.DEB.2.11.1805151732070.1809@grey.csi.cam.ac.uk>
From: Matthew Pounsett <matt@conundrum.com>
Date: Tue, 15 May 2018 12:39:34 -0400
Message-ID: <CAAiTEH_7cndQDvoz24VGaRhCcpS5JkJX7_H68DX1xKk0e9jFCQ@mail.gmail.com>
To: Tony Finch <dot@dotat.at>
Cc: Ted Lemon <mellon@fugue.com>, dnsop <dnsop@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000005c7a2d056c413fe6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/-F4lFCzjfHM2ErB-NdO9X-auw24>
Subject: Re: [DNSOP] KSK-Sentinel -- "Walkin' on the SUN"?
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 May 2018 16:39:41 -0000

On 15 May 2018 at 12:34, Tony Finch <dot@dotat.at> wrote:

> Ted Lemon <mellon@fugue.com> wrote:
>
> > It might be useful to compare this to labels like _tcp that appear in SRV
> > records and elsewhere.
>
> The reason for listing a name in the RCF 6761 registry is because it needs
> special handling of some kind in DNS software. That isn't the case for the
> _underscore names, which (from the DNS point of view) are just ordinary
> domain names that have conventional uses in applications.
>
> I'm going to suggest a modification to your first sentence.  The reason
for listing a name int he RFC 6761 registry is because it needs special
handling of some kind in DNS software that would otherwise be unaware of
the special handling required by that name.  In this case, the only name
servers that need to handle these names specially are the ones implementing
the technology.. all other name servers treat them as ordinary names.

v2.23.0 | Report a Bug | By Email