Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc2845bis-04.txt
Martin Hoffmann <martin@opennetlabs.com> Mon, 01 July 2019 10:39 UTC
Return-Path: <martin@opennetlabs.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13202120071 for <dnsop@ietfa.amsl.com>; Mon, 1 Jul 2019 03:39:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.898
X-Spam-Level:
X-Spam-Status: No, score=-6.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2KrhKLq_nvU7 for <dnsop@ietfa.amsl.com>; Mon, 1 Jul 2019 03:39:35 -0700 (PDT)
Received: from dicht.nlnetlabs.nl (dicht.nlnetlabs.nl [IPv6:2a04:b900::1:0:0:10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7428B120045 for <dnsop@ietf.org>; Mon, 1 Jul 2019 03:39:35 -0700 (PDT)
Received: from glaurung.nlnetlabs.nl (unknown [IPv6:2a04:b900:0:1:a2c5:89ff:feb5:e311]) by dicht.nlnetlabs.nl (Postfix) with ESMTPSA id 312F427F6A; Mon, 1 Jul 2019 12:39:32 +0200 (CEST)
Authentication-Results: dicht.nlnetlabs.nl; dmarc=none (p=none dis=none) header.from=opennetlabs.com
Authentication-Results: dicht.nlnetlabs.nl; spf=none smtp.mailfrom=martin@opennetlabs.com
Date: Mon, 01 Jul 2019 12:39:31 +0200
From: Martin Hoffmann <martin@opennetlabs.com>
To: Stephen Morris <sa.morris8@gmail.com>
Cc: dnsop@ietf.org
Message-ID: <20190701123931.47dad81e@glaurung.nlnetlabs.nl>
In-Reply-To: <FBE36F38-6D92-4CFE-AD32-3E3AB185743E@gmail.com>
References: <156145367176.22755.17447710400139018444@ietfa.amsl.com> <FBE36F38-6D92-4CFE-AD32-3E3AB185743E@gmail.com>
Organization: Open Netlabs
X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.32; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/5hZJuJiVVLi-Xwv9L0Kql9AwqKE>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc2845bis-04.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jul 2019 10:39:37 -0000
Hi Stephen, Stephen Morris wrote: > > Back in March, Martin Hoffman did a comprehensive review of the > RFC2845bis draft and made a number of very good suggestions for > improvements to its readability. I've edited the draft to take > account of his comments, something that has had a significant effect > on its structure. Thank you for taking the time to rework the document -- and sorry for causing all this work. I do believe this is a much better document now! I have only one thing that I would like to see addressed: MD5 being mandatory. I asked back in March if we could make it optional and, as far as I remember, there was some agreement. Also, there are two requests for feedback in your comments to my comments, which I thought I keep here so that they become more visible: > > 6.5.3. Time Check and Error Handling > > > > o An actual protocol question: What is the point of the caching > > the last Time Signed per key and rejecting earlier messages? What > > about reordering of messages as can happen with UDP? > > Good question: thoughts? > > > > o What Fudge should the server use in its BADTIME response? > > I would presume that the Fudge field is not used when verifying the > error response so is irrelevant. However, is should be specified. > Thoughts? Kind regards, Martin
- [DNSOP] I-D Action: draft-ietf-dnsop-rfc2845bis-0… internet-drafts
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc2845b… Stephen Morris
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc2845b… Martin Hoffmann