Re: [DNSOP] [Ext] review: draft-wessels-dns-zone-digest-04.txt

Joe Abley <jabley@hopcount.ca> Thu, 01 November 2018 19:09 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/-hp0wywXK0gES8lr1axo1VGojlA>

On 1 Nov 2018, at 15:06, Brian Dickson <brian.peter.dickson@gmail.com> wrote:

> > Maybe signaling the algorithm(s) for which signature(s) are desired/understood would do the trick?
> > I.e. in an EDNS option?
> 
> I don't think so. EDNS options relate to servers exchanging DNS messages. ZONEMD relates to zones.
> 
> Hmmm... so at best it would be a one-way signal from the client to the server, about what they support (and optionally prefer).
> The server has to send all the ZONEMD records regardless. 

There aren't necessarily any clients or servers, DNS or otherwise. A zone could be produced and consumed in some other way.


Joe