Re: [DNSOP] I-D Action: draft-woodworth-bulk-rr-07.txt

"Woodworth, John R" <> Thu, 01 February 2018 18:23 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5FED612ECA4 for <>; Thu, 1 Feb 2018 10:23:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.93
X-Spam-Status: No, score=-1.93 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id rFfVXGRTRCko for <>; Thu, 1 Feb 2018 10:23:29 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3641C1316B4 for <>; Thu, 1 Feb 2018 10:22:46 -0800 (PST)
Received: from lxomp90v.corp.intranet (lxomp90v.corp.intranet []) by (8.14.8/8.14.8) with ESMTP id w11IMijd051125 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Thu, 1 Feb 2018 11:22:45 -0700
Received: from lxomp90v.corp.intranet (localhost []) by lxomp90v.corp.intranet (8.14.8/8.14.8) with ESMTP id w11IMdEP017290; Thu, 1 Feb 2018 12:22:39 -0600
Received: from lxomp06u.corp.intranet (lxomp81v.corp.intranet []) by lxomp90v.corp.intranet (8.14.8/8.14.8) with ESMTP id w11IMdrD017283 (version=TLSv1/SSLv3 cipher=AES256-SHA256 bits=256 verify=NO); Thu, 1 Feb 2018 12:22:39 -0600
Received: from lxomp06u.corp.intranet (localhost []) by lxomp06u.corp.intranet (8.14.8/8.14.8) with ESMTP id w11IMdtO056558; Thu, 1 Feb 2018 12:22:39 -0600
Received: from vodcwhubex501.ctl.intranet (vodcwhubex501.ctl.intranet []) by lxomp06u.corp.intranet (8.14.8/8.14.8) with ESMTP id w11ILsu7054900 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 1 Feb 2018 12:22:39 -0600
Received: from PODCWMBXEX501.ctl.intranet ([]) by vodcwhubex501.ctl.intranet ([]) with mapi id 14.03.0339.000; Thu, 1 Feb 2018 12:20:48 -0600
From: "Woodworth, John R" <>
To: 'Mikael Abrahamsson' <>, JW <>
CC: "" <>, "Woodworth, John R" <>
Thread-Topic: [DNSOP] I-D Action: draft-woodworth-bulk-rr-07.txt
Thread-Index: AQHTYRvKn/iKFaAXSU2coiu3/nPrHqOQCMAAgAA+T8A=
Date: Thu, 01 Feb 2018 18:20:47 +0000
Message-ID: <A05B583C828C614EBAD1DA920D92866BD09294CE@PODCWMBXEX501.ctl.intranet>
References: <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-TM-AS-MML: disable
X-CFilter-Loop: Reflected
Archived-At: <>
Subject: Re: [DNSOP] I-D Action: draft-woodworth-bulk-rr-07.txt
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 01 Feb 2018 18:23:30 -0000

> -----Original Message-----
> From: DNSOP [] On Behalf Of Mikael Abrahamsson
> Hi, I am brought here because of the notification of this in v6ops.
> I am supportive of the general idea of having these kinds of bulk records
> standardized.

Hi Mikael,

Thank you for your interest and comments, they are welcome and appreciated.

> I read the draft, and if I understand correctly it currently
> proposes to not have DNSSEC support without on-the-fly signing.

We introduced a number of concepts with our initial draft, including support
for offline DNSSEC.  After a number of discussions with others we determined
our solution (NPN RR's) may be better suited for a broader scope and are
planning to move it into its own draft.  Our hope is for others to benefit
from our effort and promote similar concepts and features yet to come.

Our immediate goal is to get the draft adopted by the WG so we can iron
out the details as a community.  I feel we've demonstrated our openness
to change and willingness to forge this draft into what can be the most
useful and greatest benefit to those concerned.  This definitely includes
support of DNSSEC its many challenges.

> I am extremely opposed to introducing new features into DNS that doesn't
> support DNSSEC.

Agreed.  We only recently removed NPN RR's (offline support) from our
draft in hopes it may simplify and garner more support for the draft.

We are open to reintroducing it if that makes more sense.

Thanks again,
> --
> Mikael Abrahamsson    email:
This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.