Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-nsec-aggressiveuse ends Tonight
Stephane Bortzmeyer <bortzmeyer@nic.fr> Thu, 06 October 2016 16:41 UTC
Return-Path: <bortzmeyer@nic.fr>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AE80312972E for <dnsop@ietfa.amsl.com>; Thu, 6 Oct 2016 09:41:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oyix8tnwuRas for <dnsop@ietfa.amsl.com>; Thu, 6 Oct 2016 09:41:09 -0700 (PDT)
Received: from mail.bortzmeyer.org (aetius.bortzmeyer.org [IPv6:2001:4b98:dc0:41:216:3eff:fece:1902]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8841A12972C for <dnsop@ietf.org>; Thu, 6 Oct 2016 09:41:08 -0700 (PDT)
Received: by mail.bortzmeyer.org (Postfix, from userid 10) id 5545831D66; Thu, 6 Oct 2016 18:41:06 +0200 (CEST)
Received: by godin (Postfix, from userid 1000) id 62E0BEC0B04; Thu, 6 Oct 2016 18:32:17 +0200 (CEST)
Date: Thu, 06 Oct 2016 18:32:17 +0200
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: Tim Wicinski <tjw.ietf@gmail.com>
Message-ID: <20161006163217.GA17794@laperouse.bortzmeyer.org>
References: <1fc274b9-2164-1933-54e3-ce47ff48c8a3@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <1fc274b9-2164-1933-54e3-ce47ff48c8a3@gmail.com>
X-Transport: UUCP rules
X-Operating-System: Ubuntu 16.04 (xenial)
X-Charlie: Je suis Charlie
User-Agent: Mutt/1.5.24 (2015-08-30)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/6sLmf8-qbGGiWTGUHS9UT2qYoGo>
Cc: dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-nsec-aggressiveuse ends Tonight
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Oct 2016 16:41:13 -0000
On Thu, Oct 06, 2016 at 02:53:38AM -0400, Tim Wicinski <tjw.ietf@gmail.com> wrote a message of 17 lines which said: > Just a reminder that the WGLC for > draft-ietf-dnsop-nsec-aggressiveuse will end later today (barring > any stuck issues). The authors appear to have addressed all open > issues The way I understand it, in -03, there is no more *positive* answers (NOERROR synthetized from a wildcard in the cache), only negative ones (NXDOMAIN). Am I correct? (If so, I agree with the change.) If this is true, then I would suggest some work on rewriting section 7 new text for updating RFC 4035. True, the cache needs to look at wildcards to see if it can synthetize NXDOMAINs or not but the way it is written, it is confusing, since a wildcard would *prevent* synthesis. May be: Once the records are validated, DNSSEC enabled validating resolvers MAY use NSEC/NSEC3 resource records to generate negative responses until their effective TTLs or signatures for those records expire. (This requires to also check there is no wildcard applicable for the QNAME.)
- [DNSOP] Reminder: WGLC for draft-ietf-dnsop-nsec-… Tim Wicinski
- Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-n… Matthijs Mekking
- Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-n… Tony Finch
- Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-n… Stephane Bortzmeyer
- Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-n… Matthijs Mekking
- Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-n… Warren Kumari
- Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-n… Warren Kumari
- Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-n… Warren Kumari
- Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-n… Warren Kumari
- Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-n… Tony Finch
- Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-n… Bob Harold
- Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-n… Warren Kumari
- Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-n… John Levine
- Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-n… Tony Finch
- Re: [DNSOP] Reminder: WGLC for draft-ietf-dnsop-n… Warren Kumari