IETF Logo Mail Archive

Re: [DNSOP] New draft on delegation revalidation

"Giovane C. M. Moura" <giovane.moura@sidn.nl> Mon, 25 May 2020 06:18 UTC

Return-Path: <giovane.moura@sidn.nl>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5AA43A0C26 for <dnsop@ietfa.amsl.com>; Sun, 24 May 2020 23:18:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.079
X-Spam-Level:
X-Spam-Status: No, score=-1.079 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MISSING_HEADERS=1.021, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sidn.nl
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BmuKtMdnrqiT for <dnsop@ietfa.amsl.com>; Sun, 24 May 2020 23:18:18 -0700 (PDT)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2053.outbound.protection.outlook.com [40.107.22.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DBD1A3A0C25 for <DNSOP@ietf.org>; Sun, 24 May 2020 23:18:17 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GvAkiUvfvXpHGKi0Z6EBI/OugQcKv0hXEJPHZqSILMMkwTfI1quu/1lMMNlo5ULOGk1gRwIv/GwVBqbGdFLz7mcOe+gWLbkWIsEznJRG+PZZO5tkJBDAuoJbcJZJGgcJBvv0zcSYyT2qGi5MWcKL0zjz3Qa+gFTnj4alGaiGfUK5RhtMi1BX9HHcEbtwiOSeqmQEyn4X4gH785vpPpSUhj8Ahqt0masZcWZtjhJI18iNGO41fAKAPSRCUWhgANDbfHmZh8htsDNBkU96pp5CNU79I+3/htQmtimdEIbGmVr2mjBlUrJJ9MMJ8YD+SKVGoS12AmPm+W0ndn3G0RZ7VA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fBAeM7JbqaVasRuFqB8GyHGcP1YZ0YdGkLdJPFpwqBo=; b=Xvht6FmU6yYc+15NC8L7CqmtG/z8L7XZeh6LWZlobda2AEbmM+GcdU/W3M8gxBnC8VbuPMKnvDDJo4gQGufLt1qI2T1+AaGZTumcEDZHGF76Aq5KTWuxbR9NSD4ftS040gwGEZ3+PmBe4Em7f3m9fh+s0sFADVw3+DPKrd0EHLKbFIgdxkhNH8f0oflWGDNTXm2lGQFIDNhw1rUu+o9mBtNIdVH/obiyT24/9fKejJLziJBjuvq4/JTtVYI/41QS+pVSKCw7lhn2hUv7U6oOaXOeCoF7wS2qXTUUfFoo0JWN8ut+eMUaAmedgGXdZCXJJ2igHLyZ8LFP+QWxsqFsOw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=sidn.nl; dmarc=pass action=none header.from=sidn.nl; dkim=pass header.d=sidn.nl; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sidn.nl; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fBAeM7JbqaVasRuFqB8GyHGcP1YZ0YdGkLdJPFpwqBo=; b=olIkJ+WQ8f+nWKJwmImZfnJj7lTgRHezbCOOLkKd/+s05OiibpZPcdo7VBghN59U6PKQ6PSmXJUIMbZXagL3HFfPJpvv6U+B2vH4gDEyTSQsaU3FTigWGLiaUERvwxo3E0R52fRW7MyTWyp+jXOnLchC2wdLClFh/aRXpf1uSzY=
Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=sidn.nl;
Received: from AM0P194MB0257.EURP194.PROD.OUTLOOK.COM (2603:10a6:208:61::31) by AM0P194MB0513.EURP194.PROD.OUTLOOK.COM (2603:10a6:20b:16e::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.24; Mon, 25 May 2020 06:18:14 +0000
Received: from AM0P194MB0257.EURP194.PROD.OUTLOOK.COM ([fe80::40dc:96f0:d873:6848]) by AM0P194MB0257.EURP194.PROD.OUTLOOK.COM ([fe80::40dc:96f0:d873:6848%6]) with mapi id 15.20.3021.029; Mon, 25 May 2020 06:18:14 +0000
Cc: IETF DNSOP WG <DNSOP@ietf.org>
References: <CAHPuVdV9eSCLQOqMF0cq8fHcuSZs7nCgjhHMfMoaV5H=ekbtSA@mail.gmail.com> <4feca627-79d6-374e-402d-f50d49e03469@sidn.nl> <CAHPuVdVkTbV6o5sVCZzOcE4y0yEFUa3rmtcsWooxQK0nO_eMvw@mail.gmail.com> <058d760a-7400-e407-4d12-c744d949538e@sidn.nl> <b6772ece-b09c-8acc-74dc-860f864df863@sidn.nl> <CAHPuVdVyn8Kcd=8Fux4kH=DTzWLj3dSk7HntrvBx_Vvr+7y7kA@mail.gmail.com>
From: "Giovane C. M. Moura" <giovane.moura@sidn.nl>
Autocrypt: addr=giovane.moura@sidn.nl; keydata= mQINBF14qwEBEAC7A6IGvwbFinLND4AFjFycPiM5Y3qudODE0kiYBPy5d4NIT4uAthSm2FPp 3kUNxMtlZI5NR0Ie/kI2NLdpS6MLpkKtO30D2GIQjaQ58emUnWAxkH94RDB5cJ69mmVxIUnv cpZEOrCvBcJU3SIhnXTfga8AFEct5Sb6XRYy8kblGXcH/6W1XTckcb4g/SejszC2oiiV3cZH HS3UCJvMfY1/6ojq6Cot6jgs/3M56PZI9odsYATu84JNaKqFv1rbD1lf7hYOM5sri6OqrPad qBOCT5DWbdxHvi6JzLNhuxxag/BtJPfLxMFDm+C6P0FKSjY78EzY6Ne2MKlLSDGQWyAHXZae X9RO/0t64LEWBLXmVS1KtIAPt0TgGodhr5d7jXP2maFmgO2+rWhGBBEeC9y9oRRJuBGFzl8w 0wMp1RDNipomtjWPZIIsuWiNKAF/iaPcTr6ZjaNOhnX+Kuqh3X7rr546RYtDDCVWVDpLKZmn 1scrRGKnhvPQsBiuICp5Up6sHNxh30c0n2PJeUZYlhLiZTuzG3rUSg7TLx7d39V4/XyjNr1p ordddIzM2zcGCNP0IgyjdMzjFljL01liMhENXmSagwDLQsOuExcZfawWviPEB2Rzz39obuxi L08RPrtnptcjkx0n6JFtkQUBOLGodtWWLs9cVF4Lic7aJswg6wARAQABtCtHaW92YW5lIEMu IE0uIE1vdXJhIDxnaW92YW5lLm1vdXJhQHNpZG4ubmw+iQJOBBMBCAA4FiEEkUlxD1iA/bYW 8LYoeMuqlaSXxY4FAl14qwECGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQeMuqlaSX xY7A/w/9FSp5N5rGcWe9bK8+k06e5dcxYRphMMHpC6hnrvyfgZgvepkhx9jK8HOevF1xk/Xa 8MR53fP0wo+2ZXSPJNgkzITFFypHfM2LLxh1/Lm2KnwR58OuX/E1juvOx5FseDrVjcmOL1s/ vtm0s4nlbzCSwrvBfnpsSXmQvseQHcm82Oto78p7YxgUNoxjPkaUkmekDMm8TWwctTummYfM vHzKgKSVCCBNJayRRR6+pw+UG5mnlvUgv96AwK7CUF2pjlwIFKx6cVDDD3M17ZUP6zsPQ+HB 8m0DtQFtAu1mU/OXeNk54jKm4b2A1gXwNnh11e7uPzS5hrjz9znwyTLLw1fJPySYUVMDhuu4 EI+L2Goi1DrhLunQ72YRIKHF3jVjDd6eHenk9Qq44WfuYOE1PSdIKjhS0DfOZgy/C4DWkot/ XfZ40dlaV1eLb/fjWw1/GY3FYZIxxPvFV5tg+Fjn4pqiqy2XvCBrIzMYG0X4u3A4Kvjnblh0 9G/bD8lzx6mUymDvZ/PHk8+mhp9obA+LcmLHt+lkNyR73vT1ZTrQWqrzMTlXN7guFWSOrCOm toWgVu63L9LsFKiUllkctXGhFzaERQT85h6ugovq7Bk0Qf0NBvHcwxgBdUa/uqp9Frcm4gT3 pZFepXY4Q63nL/y3Ay65rouurVPsSUTghuzgRaZ1ePq5Ag0EXXirAQEQANJeW4E1yFJ8RIdH /LUp7ZjLSQZjxLi0J6Jz8q60ZCFOEBh++i0nmYljEHG1HHqvMzv7x7EEg2ZaQmk6l8ZF4CuG oy8xjKLyM1v7k3i/GPwHEmWAKR6VxwBflE4ISL0bwecOuBubemSsQYaHBvydTg/sSkCz2YcF inec4o4Ertu4HCo0c+LlzcWWcb1/O6vUaOGCH0LBXT2btbDMzOgSBTeRCHP/aLIClkjNmvRc mQIszCCriuqlapNWTzIm8WVfD5Ho/ZyrtgeSbqk5I4by9eyAJNDKi05NgR1vY85tQ/hNIN90 8RcVK7OvGrQ9NgJpk3oFeaCkAXbhq5HfAI2tWnj3lrPLa7FP//YoYVY/Teqb+Ehp1CiVkeHf F2yGRsSWa+99Ii3nM3E8CpJu+SS/M1zbQlBgvGT+liXMfvJ/7wzAivTdIsy94uiWbLvrmF6V g6Iwq6d9O+/3j8gvcl0OXvUzNO9Qjb3+dL9hoKZ4GPUN9nYP34KcGLgdeyi0/DeKTLDODbXA scoQ+V96JmJzMW+UXkIyfq27MVyZLnJMtwD9On2/vSaNjXD2imfUbtHU0+7FvET8qzzJUBII IYz0dA5UmQx2/PKqDLh5DWdaWZa1cf6RqQ+FE10ePot+RjTU3ojiYqbzJ9Nm8WazV2ibAMg9 gozAb/oRmp7vzZURc21PABEBAAGJAjYEGAEIACAWIQSRSXEPWID9thbwtih4y6qVpJfFjgUC XXirAQIbDAAKCRB4y6qVpJfFjo9sD/9iqHO8MMaMBhefBJs5imU+TMarHto+OLfsnGTQarqH GfyvCB6LmY0ZP92jXtMe9hx0dt8SrlGOtwsFoqcvSk5L5yaFde1aG2o3a21mlcyMRhljzME9 RgnN61pB/rfg8yjbxNbhBgKjQCO/2fyJIcp9Er2qKmJYGV7UkP3Fl5SHMs6Z9IiDhRQjhpKZ iXRpQUofHggErvV7//j8ALLEReVjfEg049EZ1U5VQosroXzkbSPfpAHjW4d+MdCM38WYC3Ap fk7qY1vZV3YTj/eD7j4b772xMMlUdPm6Vl83sAY/OP5ZFCe/f8HUwaRYm6zwhnRug8tI2g05 N3/yBVbmc047gtXTFuW0ZhHkN26rSl6e+gtfhoh0CigfixHRFI6TWrtF5APVxW+WJ1N990w1 RXXHCn8ZGVJ9u8sglWPSWwK8vVhhbZQVtPUkUegN0Zj7nqHz+5nHtqsF6ddIN65akf+CqArU /iVwvA5gsvid2vyunM88MlUplJBmAXtMEyCpvTyfDTT7jYY15ZpaO3jlHyiagwVhVrxgsw+B N0RmT/zoqKN33zuhSmrxw0+vU+gq2BZLjpjZRnnjeoFwKo3qNWKx7BRTxzOG5eMoGzrvO7dF Xt5QjjOQ4cFtq4ryW8qDfmDd4mLYyMcRO/hOPPq30pW9emtiXFABb8JvwfEusod+mQ==
Message-ID: <f38150ec-e528-24ca-114c-b6a6f96581e4@sidn.nl>
Date: Mon, 25 May 2020 08:18:13 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.8.0
In-Reply-To: <CAHPuVdVyn8Kcd=8Fux4kH=DTzWLj3dSk7HntrvBx_Vvr+7y7kA@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-ClientProxiedBy: AM0PR02CA0018.eurprd02.prod.outlook.com (2603:10a6:208:3e::31) To AM0P194MB0257.EURP194.PROD.OUTLOOK.COM (2603:10a6:208:61::31)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [IPv6:2a00:d78:0:711:a894:71ff:fe88:a610] (2a00:d78:0:711:a894:71ff:fe88:a610) by AM0PR02CA0018.eurprd02.prod.outlook.com (2603:10a6:208:3e::31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.25 via Frontend Transport; Mon, 25 May 2020 06:18:14 +0000
X-Originating-IP: [2a00:d78:0:711:a894:71ff:fe88:a610]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: c1343d94-a4d7-409d-3cb9-08d80073684c
X-MS-TrafficTypeDiagnostic: AM0P194MB0513:
X-Microsoft-Antispam-PRVS: <AM0P194MB0513296D3C041EA3A5F689E7F1B30@AM0P194MB0513.EURP194.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:6790;
X-Forefront-PRVS: 0414DF926F
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 5m6e/WCGUR8M378AC893lu4d3mKC+PiasczmemCnb052XPBrR4oECQleUtQc4dXNL0xS8U0Bo6RNGqg8h+H9cgq6/QwbwfKbxEPAXbzAqcO92LbcyTba2dchb2Ujc+AiZnjzaQZgpr4K9I5dL8xk/HfZ/ppOswJ53a5Q4bzasuyXsPIKYEN9GSTtIVLzkqnqh6EZ0YP9KQNOoW4CnIJlomaF3BnHxGlEnssPKDFXgwREEZ+c7P7sLfVHspAlTyHuR0p6NyatgJH8QAVGDTYAReV7p1a5djl1hDejyqWK+09Es6NnpS+F7HhrHGfHH0mswc/U1FHs2hNybP1xJ8rl/OS/49RU0f8hjCgiWgbEK5vDeIeI2KkQxaa/vhaMWiKT
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0P194MB0257.EURP194.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(376002)(136003)(39840400004)(396003)(346002)(366004)(31686004)(8936002)(186003)(16526019)(478600001)(86362001)(109986005)(2906002)(36756003)(4744005)(4326008)(31696002)(52116002)(316002)(2616005)(66946007)(5660300002)(66476007)(66556008)(6486002)(8676002)(43740500002); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: 4k95MpME8fMFkuqEKheiDBZpBxz3q2uVt1vwUzKcD1VfFQyUWTyydWliKyDD3Y0LQ8DnUz8tNaTjI0hrKmtjOyFj6+12lvlXMw/i0mrfTS5RU5GwOwQx+UvdAAHVwWV8ek9umHetmZbDbS5b0N+Jiy0SbgTVJsYy+jIq2BPVABpP1bNWsKI1tiY6xrAP+sPUMZwOPvLOppUJmopFYAp6USDBisYzPilSNDsyLG4T4gO4x/eV+A9fN/OkkeLE6kOxht3+nauR/o1ZSAtDi7Tj6acoFWcQppYnS/fTXYoNSFgQ6YL3NSdTQmlajls1do+067mm+GVWsQddCwVHB2PuNLeS3Wqv2mH4cOjIJGYV2YzS7awibzraWR/n6hSemliAtxoF893pMNxOZjT9Da4Z1VesaFUa04ppJ/QlIesRl3KEbTMNgjW6hn7eYLnmSz/nQbjQrD1hvmzZcd4Dqt91ed4200HyM4SmmmEDJEGZ79+vPnIYvQcKJvcuzzH3f3MsE+1D3ELH0EwZHo1ZXw62WEU6fZXj14OonEydaCCauao=
X-OriginatorOrg: sidn.nl
X-MS-Exchange-CrossTenant-Network-Message-Id: c1343d94-a4d7-409d-3cb9-08d80073684c
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 May 2020 06:18:14.6499 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: ab4d3626-c1c5-4a75-ab85-427f1a644a7d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: gTzcdEK+6gurFrYHIX38xBiDHs2Koy6Ws3i74AggzBKkbRZkVgOtGEitP6VrS7rO+nt2pAJ7ZBo2ywtO4g2a7A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0P194MB0513
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/3pLZBEOpAfx4GJBH1LZYTNC2nno>
Subject: Re: [DNSOP] New draft on delegation revalidation
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 May 2020 06:18:21 -0000

Hi Shumon,


> Thanks Giovane (and Marco)!
Sure thing.

> The HTTPS site goes to a different and mostly empty page - and
> Chrome doesn't like the certificate because it has a wildcard Subject
> CN. Are you planning to fix that?
fixed.


> I know DNSSEC is likely not the focus of your experiment, but the
> zones do seem to be signed - but with algorithm 16 (Ed448), which
> not a lot of resolvers or debugging tools support yet. Any reason you
> didn't choose a more widely supported algorithm?

No particular reason, we can also change later on.

/giovane

v2.23.0 | Report a Bug | By Email