[DNSOP] NSEC/NSEC3 for unsigned zones and aggressive use
Mukund Sivaraman <muks@isc.org> Tue, 18 July 2017 09:47 UTC
Return-Path: <muks@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6BE4A131DD1 for <dnsop@ietfa.amsl.com>; Tue, 18 Jul 2017 02:47:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.265
X-Spam-Level:
X-Spam-Status: No, score=0.265 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_SORBS_WEB=1.5, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ky4ff3JLMGfu for <dnsop@ietfa.amsl.com>; Tue, 18 Jul 2017 02:47:00 -0700 (PDT)
Received: from mail.banu.com (mail.banu.com [46.4.129.225]) by ietfa.amsl.com (Postfix) with ESMTP id 644DC131A93 for <dnsop@ietf.org>; Tue, 18 Jul 2017 02:47:00 -0700 (PDT)
Received: from jurassic (unknown [115.118.30.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.banu.com (Postfix) with ESMTPSA id 39B8856A04AF; Tue, 18 Jul 2017 09:46:57 +0000 (GMT)
Date: Tue, 18 Jul 2017 15:16:54 +0530
From: Mukund Sivaraman <muks@isc.org>
To: dnsop@ietf.org
Message-ID: <20170718094654.GA31988@jurassic>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.8.3 (2017-05-23)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/6vYVFaQDvAJ8-0jsmRbwcdcz1h0>
Subject: [DNSOP] NSEC/NSEC3 for unsigned zones and aggressive use
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jul 2017 09:47:01 -0000
Hi all There are still many popular unsigned zones, many of which don't look like they will be signed soon due to operational and other reasons. Will you give some thought and reply with your opinion on NSEC/NSEC3 for unsigned zones requiring the DNS COOKIE option in transmission, that can be used with draft-ietf-dnsop-nsec-aggressiveuse? Mukund
- [DNSOP] NSEC/NSEC3 for unsigned zones and aggress… Mukund Sivaraman
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… Francis Dupont
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… Tony Finch
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… Jim Reid
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… Mukund Sivaraman
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… Paul Hoffman
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… Mukund Sivaraman
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… Petr Špaček
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… Francis Dupont
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… 神明達哉
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… Mukund Sivaraman
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… Stephane Bortzmeyer
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… Petr Špaček
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… Petr Špaček
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… Mukund Sivaraman
- Re: [DNSOP] NSEC/NSEC3 for unsigned zones and agg… Peter van Dijk