Re: [DNSOP] draft-bortzmeyer-dname-root-00.txt

Ted Lemon <mellon@fugue.com> Wed, 06 April 2016 18:28 UTC


If the NXDOMAIN response is secure, your "ND" bit would at worst be
harmless if it were faked, unless you're proposing that the ND bit be
retained permanently!

On Wed, Apr 6, 2016 at 2:58 PM, Stephane Bortzmeyer <bortzmeyer@nic.fr>
wrote:

> On Wed, Apr 06, 2016 at 02:33:28PM -0300,
>  George Michaelson <ggm@algebras.org> wrote
>  a message of 38 lines which said:
>
> > I meant a form of signing, which would be a strong signal of
> > repudiation of the label as well as exclusion of other holders of
> > the label, so that it could be a first-class signal "not in the DNS"
> > -> look in another internet-name lookup mechanism.
>
> A ND bit (NS = Not in DNS), as a flag in a NXDOMAIN response, would
> not be signed with DNSSEC, so it requires a new kind of NSEC...