Re: [DNSOP] [dnsext] Re: Computerworld apparently has changed DNS protocol
Jay Daley <jay@nzrs.net.nz> Wed, 04 November 2009 23:33 UTC
Return-Path: <jay@nzrs.net.nz>
X-Original-To: dnsop@core3.amsl.com
Delivered-To: dnsop@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8D94A3A6A46 for <dnsop@core3.amsl.com>; Wed, 4 Nov 2009 15:33:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9Z+uawxvZ8hZ for <dnsop@core3.amsl.com>; Wed, 4 Nov 2009 15:33:10 -0800 (PST)
Received: from srsomail.nzrs.net.nz (srsomail.nzrs.net.nz [202.46.183.22]) by core3.amsl.com (Postfix) with ESMTP id 860653A6A41 for <dnsop@ietf.org>; Wed, 4 Nov 2009 15:33:10 -0800 (PST)
Received: from localhost (srsomail.office.nzrs.net.nz [202.46.183.22]) by srsomail.nzrs.net.nz (Postfix) with ESMTP id 984371E003; Thu, 5 Nov 2009 12:33:30 +1300 (NZDT)
X-Virus-Scanned: Debian amavisd-new at srsomail.office.nzrs.net.nz
Received: from srsomail.nzrs.net.nz ([202.46.183.22]) by localhost (srsomail.office.nzrs.net.nz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pQADPVUXV9YV; Thu, 5 Nov 2009 12:33:26 +1300 (NZDT)
Received: from [192.168.22.175] (unknown [192.168.22.175]) (Authenticated sender: jay) by srsomail.nzrs.net.nz (Postfix) with ESMTP id 206CF1E004; Thu, 5 Nov 2009 12:33:26 +1300 (NZDT)
Message-Id: <A7FB8915-5E5B-479A-A0EA-4E9A4AD13B16@nzrs.net.nz>
From: Jay Daley <jay@nzrs.net.nz>
To: Matthew Dempsky <matthew@dempsky.org>
In-Reply-To: <d791b8790911041345u378d9525i1cfc48251fe2d132@mail.gmail.com>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v936)
Date: Thu, 05 Nov 2009 12:33:25 +1300
References: <200911041858.TAA24009@TR-Sys.de> <FD44BF39-5B62-4689-AC6D-8DFFAF340EA1@icsi.berkeley.edu> <20091104192634.GA31981@vacation.karoshi.com.> <d791b8790911041141k71066fa9nede54d5dff9394fa@mail.gmail.com> <8643905B-B73B-4D87-A1CE-F218E4BA9FD4@virtualized.org> <d791b8790911041345u378d9525i1cfc48251fe2d132@mail.gmail.com>
X-Mailer: Apple Mail (2.936)
Cc: dnsop WG <dnsop@ietf.org>
Subject: Re: [DNSOP] [dnsext] Re: Computerworld apparently has changed DNS protocol
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Nov 2009 23:33:11 -0000
On 5/11/2009, at 10:45 AM, Matthew Dempsky wrote: > I'd appreciate if someone could clarify what the "large responses" > that will preexist "actual DNSSEC usable data" that Bill Manning is > referring to are. It's unclear to me whether it's still technically > DNSSEC data and hence would require a client to send DO=1, or if it > will be something like large additional section TXT records or just > trailing bytes. As far as I am aware, yes it is real DNSSEC data so yes it will require DO=1 but the keys will be dummy keys (i.e. secret) that cannot be configured as trust anchors and so the signatures will be ignored. At the end of that phase, real keys will be used and published. See http://sel.icann.org/meetings/seoul2009/presentation-dnssec-workshop-lamb-28oct09-en.pdf for more details Jay -- Jay Daley Chief Executive .nz Registry Services desk: +64 4 931 6977 mobile: +64 21 678840
- Re: [DNSOP] [dnsext] Computerworld apparently has… bmanning
- [DNSOP] Computerworld apparently has changed DNS … Alfred Hönes
- Re: [DNSOP] Computerworld apparently has changed … Nicholas Weaver
- Re: [DNSOP] Computerworld apparently has changed … bmanning
- Re: [DNSOP] [dnsext] Computerworld apparently has… bmanning
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Nicholas Weaver
- Re: [DNSOP] [dnsext] Computerworld apparently has… Alfred Hönes
- Re: [DNSOP] Computerworld apparently has changed … David Conrad
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… David Conrad
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Florian Weimer
- Re: [DNSOP] [dnsext] Computerworld apparently has… Florian Weimer
- Re: [DNSOP] Computerworld apparently has changed … David Blacka
- Re: [DNSOP] Computerworld apparently has changed … Florian Weimer
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Florian Weimer
- Re: [DNSOP] Computerworld apparently has changed … David Blacka
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Mark Andrews
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Matthew Dempsky
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Matthew Dempsky
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Jay Daley
- Re: [DNSOP] [dnsext] Computerworld apparently has… Mark Andrews
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… David Conrad
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Matthew Dempsky
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… George Michaelson
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Florian Weimer
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Nicholas Weaver
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… George Michaelson
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Duane Wessels
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Duane Wessels