Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-for-free
Florian Weimer <fweimer@redhat.com> Wed, 23 March 2016 21:10 UTC
Return-Path: <fweimer@redhat.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4555212D632 for <dnsop@ietfa.amsl.com>; Wed, 23 Mar 2016 14:10:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.932
X-Spam-Level:
X-Spam-Status: No, score=-6.932 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZafOFeJArDVm for <dnsop@ietfa.amsl.com>; Wed, 23 Mar 2016 14:10:42 -0700 (PDT)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B1F9B12D93C for <dnsop@ietf.org>; Wed, 23 Mar 2016 14:10:39 -0700 (PDT)
Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (Postfix) with ESMTPS id 79AF48553D for <dnsop@ietf.org>; Wed, 23 Mar 2016 21:10:39 +0000 (UTC)
Received: from oldenburg.str.redhat.com (ovpn-204-38.brq.redhat.com [10.40.204.38]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u2NLAbXD011809 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <dnsop@ietf.org>; Wed, 23 Mar 2016 17:10:39 -0400
To: dnsop@ietf.org
References: <CAC=TB13r_7TPEcUeZqH6sxqKXHRn7TgFwLwdqjBxa57aqS1MZg@mail.gmail.com> <20160323130755.GA798@mx2.yitter.info> <CAC=TB10whpfc15pW-USiy3=4AC1rM-EWg72M4bzHN3CyDhWDTw@mail.gmail.com> <20160323200310.GI1450@mx2.yitter.info>
From: Florian Weimer <fweimer@redhat.com>
Message-ID: <56F3064C.90506@redhat.com>
Date: Wed, 23 Mar 2016 22:10:36 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <20160323200310.GI1450@mx2.yitter.info>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/1B-KXCqPJBZZAQ4NLP1pgRq99cQ>
Subject: Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-for-free
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Mar 2016 21:10:44 -0000
On 03/23/2016 09:03 PM, Andrew Sullivan wrote: > I don't understand how it's a way to evaluate this claim. DNSSEC > includes a bit (DO) that says you're prepared to handle the additional > data in the answer section. Indeed, the unpreparedness of people for > this data was just exactly the reason for the DO bit. What isn't > clear to me is whether people implemented that as, "Take whatever > comes in the answer even if you didn't ask for it," or whether they're > looking for DNSSEC data. The latter is what DO says one is prepared > to do. DO was used initially for SIG and kept for RRSIG. For an early DNSSEC implementation, RRSIG was just another unsolicited RR type because it could only know about SIG. This suggests (to me at least) that practically speaking, DO isn't strongly tied to DNSSEC. Florian
- [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-for-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Mark Andrews
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Wouters
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Vixie
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Wouters
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Mark Andrews
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Mark Andrews
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Wouters
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Vixie
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… George Michaelson
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Vixie
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… George Michaelson
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Vixie
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Tony Finch
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Bob Harold
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Shumon Huque
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Mark Andrews
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Shane Kerr
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Mark Andrews
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Tony Finch
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Andrew Sullivan
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Andrew Sullivan
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Tony Finch
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Philip Homburg
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Ólafur Guðmundsson
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Joao Damas
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Florian Weimer
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Florian Weimer
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Andrew Sullivan
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Florian Weimer
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Darcy Kevin (FCA)
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Wouters
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… George Michaelson
- [DNSOP] Stub resolvers and A+AAAA (was Introducin… Shane Kerr
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Andrew Sullivan
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… John Levine
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Ólafur Guðmundsson
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… John Levine
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Andrew Sullivan