Re: [DNSOP] on 'when to implement' (was: Re: Working Group Last Call for: draft-ietf-dnsop-kskroll-sentinel)

Benno Overeinder <benno@NLnetLabs.nl> Wed, 09 May 2018 13:49 UTC

Return-Path: <benno@NLnetLabs.nl>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF5CF1242EA for <dnsop@ietfa.amsl.com>; Wed, 9 May 2018 06:49:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.101
X-Spam-Level:
X-Spam-Status: No, score=-5.101 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nlnetlabs.nl
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 74_kfegyYlKK for <dnsop@ietfa.amsl.com>; Wed, 9 May 2018 06:49:29 -0700 (PDT)
Received: from dicht.nlnetlabs.nl (open.nlnetlabs.nl [185.49.140.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 18B631241FC for <dnsop@ietf.org>; Wed, 9 May 2018 06:49:29 -0700 (PDT)
Received: from hydrogen.local (j48230.upc-j.chello.nl [24.132.48.230]) by dicht.nlnetlabs.nl (Postfix) with ESMTPSA id 622548375 for <dnsop@ietf.org>; Wed, 9 May 2018 15:49:27 +0200 (CEST)
Authentication-Results: dicht.nlnetlabs.nl; dmarc=none header.from=NLnetLabs.nl
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nlnetlabs.nl; s=default; t=1525873767; bh=T9TL1UrsFZKSvskyCkFjGg4OvnITJsjIqEDFOTIYYb8=; h=Subject:To:References:From:Date:In-Reply-To; b=Zlyvdr9bgCNXImWhfCibY2VTBcejJvoRMR/CUZWEq9y28437VPt3jYuvNrjfFlpau jg+2TS/3kA+hMVkErjIZUXUgpXNvWuDSs6nHqbCIqRth1ZcmD1LnLUmKaiy0C40hv+ c1E4h+RsLQEU/0yd5RCV6C7FuzBVRwaY6BfSBSKs=
To: dnsop@ietf.org
References: <CADyWQ+EE9YCCM03wKvd-HefpoQVqhOfeeLKLV8L2LJj+tqmEzA@mail.gmail.com> <CACWOCC936z-4j8e+d7bvhfr_Mk8tk64tkuiRDTRtrqrBTJBKJw@mail.gmail.com> <CAHw9_iLgTvPHe5jeL-0QZJ4+cxes8bBpCEULuDKThpjXoKzrbA@mail.gmail.com> <20180406134501.GC49550@vurt.meerval.net> <4A943DE7-81BC-41AC-93F7-4EC0975DF6B6@gmail.com> <CAHw9_iLTJUdTt_YnuC+sw2aNB10iGZ4bbcmOnf4i-y5Zssu0qw@mail.gmail.com> <20180407062714.GA63728@isc.org> <09F25B8D-25CA-47C4-B1A1-DA56B86D68F8@isc.org> <D802B91D-A8DC-4DF7-BF7B-E93E79028BE9@powerdns.com>
From: Benno Overeinder <benno@NLnetLabs.nl>
Openpgp: preference=signencrypt
Autocrypt: addr=benno@NLnetLabs.nl; prefer-encrypt=mutual; keydata= xsFNBE2vPv0BEADE2LbwfYmwzLAiPe4DJ1FlhYQNFEKik7CLTzdmgUrLldhoQBu+UbzKWrqo 4B61d3jRwgEVXkXzUucwzwJxU0hHoQTdLNWf2xjvyBwtG/I/lim2tm8MT9NhRQgGjfi3emHS QeuyfWHntrVRO6hOqGBGjjeVDmAwA9Mq8Lg1i/pH/0fPBNCJgfGv7W+PIGD/HslwAXJJyetN GoFiSp7A0GpPFQcF3e8ZFuHWGeeLCazPZTEESXR4gQhW0uD1Rin0F5Nn+GP/u3A48RiVRYip hoQU2Y/ZFBowXA9kD+Gk1/4mZ3WExkqbWp9k50uC0eUUJyM8MPFSu+PhXQtXYNAXh+d7Dqua nQEWHOD3UfGPIeH8O8xlkFskDxQKqEFQqbkAsODuute+ogbfME3ET9imDGLuiV2ma98zZS4Y 4ABuYmfV8Uj1PanDN2bCBCHOTzMa5U5LB+YbRDSI6bePs86r/ifICofs8W7yqC9U9eV3Vd3A R7p4Ncu5rN5JK0E/4ydBH/2T/3Nbzd6FKvoFPrjR2fsNfi41RaTQ96Zs2igzdW3Q4KbNiZHx 1VhGDCFLJyW9amZJsM7nBDNg1HnNjg6+Wbc21VjCRGYwgejImaJzqG9BJQJV7PH79GP5Mh/0 AqIwkejZkQmnZCnpyRl69cSJ4N9urKpRGHdo7eCJeYCpvzE3owARAQABzTRCZW5ubyBPdmVy ZWluZGVyIChXb3JrIEFkZHJlc3MpIDxiZW5ub0BOTG5ldExhYnMubmw+wsF7BBMBAgAlAhsD BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCTa/1awIZAQAKCRCsiZiNy3/98UrAD/9HRXg7 wFP4E+kIMEz6T2j6lpcLUAbBrZwLsxOD5zH/ClTuRrfDd7nMCGpPtGJVT5pgLurZloRqPBYe QDZn1+a37DUl9t85d4D9J+B6NYP8uxAXZqbSDvDeRPt+NO6wHL1rStv3ZIugX5voJKYlNmvh 3ljvF+VeYjTwZykTd7hXWTwZc4K6Rq3eVfP1aZcDvmjXPWfT4So7VnJTH5XwnDd1zFTjztNM U405uXOM1z9tRYZeDbbSpWidvap+IWHt/OA2Vymd+EKH87yfIxFZsSxT+FGRnxC1Ll3I6TX7 IID1bGP7/SgeZ5yHAq54WTrvTwhib7WWCWmAMnEzdYHTF9bOtiVrGg3LMvfX+g4cuM6aEwqS VOB6zfxwJBcFwYlZ/YhyerhmpIPr4AxnuhEVRX35VSf0XX9Hlb/ETNauCJEKfLFN9VjJ1FC3 7fWOZ+KqvHdFO+gmZ48+5OOqoID8T3QyqoO/MKluV/XTQKkxYXoh3Pf5ZBHshffMUMshFrQi FoZkbkv1DBBtM0YpcDL0+oPH9S8oIpRD0PgpPOrVVC2f23KZ60Lf2vzLJW28/aKEfnGvjU2A ZP7ujjBnQ3bVqdV9iuES6j5W6TpGguvUZ8cjY/n1qfGPvkTgqAG6pQ1UrUMP7Oa+eCml8Ssa GeQkl77jGBjabFnIsW3SVCNOU+waTs7BTQRaJ/NsEAgAn8u+d2VfuogyxrK2SW3r9ZhtQxMo rrizi77DTRqU9sTQjVxRFTJtZ2mdU+E/bi+uc5aYPcehXJSkKA2TZ5/Y2HF4+hDbLslhl22o L6Ti1rfrhdNgir57eY5Bs3DjHkWY59Ij+s1sIL70Z+go66u3x3ChJoM6TXX65vJPRKEYS2Eu ZxEUSgRcssrki9e/Sj1Orsu1J9h4/l7GRGbB5pVLV4/yytShJghijwsjiWYH1SA42T7DVLIy pCy/H/xmJSLO9aW962lJAgHL/J4PSPCLHOk3z364WyrWseb4MLf4gabLTvhuqJ1igrV777L9 oirXEyCxj3nO6WCNqY8ncpgwDwADBQf5AQqPoLRG3chjyvUtkY852rR0vPz4pJP4j+1x8Op5 BEEFCLQa1RHVe0f+L7bl2umtiF+5iatK3SpY1Ra9iU/2Rw26jilLFfymf30OR99SZnL0kicG 4BMoVshN3lWje6DeoAvt6iQfKXEh2cdgbXj3vUcMTpB6wjwalyqhYDgOYXZcsTpHHHCucjjo PvbcMrbNM2wlYaWwrupXbWYaveuVm8JESiZX0XmKPoG7y1mlAOJcfuurDOb1LVFyUX9Uumv2 uSxnycfJQrFwhXcEy8swqZYZGNhw1U8bFYeZPkgkThkIS2PWAT2HczRVVIp86Gt1OAs/ogQN pfZyXigBzIuzIsLBfAQYAQoAJhYhBLflxeOG3VADrVcT4KyJmI3Lf/3xBQJaJ/NsAhsMBQkH hh+AAAoJEKyJmI3Lf/3xTGUP/3JVhY0ILibuuTZxaG4uqS9/POXSswQy2TjC/GvRkhmwall2 57E/YSrbcpEBxZMfRdjKRKlwc0FHvzqlG8Bt0KiuTmEiu14N1ZjsD2ZZp69/inppwMC7QaDT OiGAwkNtTcGEU34od8OlmDolfAy1xZ2EpS/vNHjhsn2RziC1MM7E/b9Fr/X5/Zo3/Qfxb0a4 7BddS3JSN3oG1NHfIa3t/0+eBF1aaejbCAvaBshShonRTaRKPGYM0h7DjHDh/aC46jwrX+TA H66KEc1DcM5Sy/IskgW1HhWRPpDRxGdVI6mVZDAGcPLuLIx8cjRBkOYRkYLeRRPU+TLh1A5f lPaFTgJvajJV2wXYUewuWIk5pEhOIHFi5fTzGR8OW6/PXKe0h5ROQU1lGIgLBO20BAXoBdJj zAi67vFGo4WP+keLy4PZgiWNj/xf6KcOhNYOEUFg0wXjhJud87l8dhZRFvKPefgD37Y0/Jof fpBW7QKUX/9ChJLCQcCBnZIrcxJnz4ii1F1POa5L5ziF1Tew4RX2WFbfNJlyhGRP8xFaNsyW qQfMe+PF9fUa/32K1fCxEJCLTb2Age6cnEEjuWERI4up5Ae8XfvBQj9nM3df4trvewE4KOZ1 nyDa4t9iZCrDMabuudgwJBBxQ2gbnDKQstvp57amDKUKHfG6c3h1R0EanBAl
Message-ID: <0e122460-b78c-be07-7b54-d2d632d6cd49@NLnetLabs.nl>
Date: Wed, 9 May 2018 15:49:25 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.7.0
MIME-Version: 1.0
In-Reply-To: <D802B91D-A8DC-4DF7-BF7B-E93E79028BE9@powerdns.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/7-Q6IM_SXf-FT8FSztbLHSqMgxc>
Subject: Re: [DNSOP] on 'when to implement' (was: Re: Working Group Last Call for: draft-ietf-dnsop-kskroll-sentinel)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 May 2018 13:49:31 -0000

Reacting on the "when to implement" part of the subject, and speaking
for NLnet Labs.

On 08/05/2018 11:11, Peter van Dijk wrote:
>> From implementors point, it makes little sense to start implementing
>> before the protocol change is almost fully baked (aka WGLC and
>> further), because until then the protocol might change considerably.
> 
> It makes little sense to call a protocol change ‘fully baked’ if nobody
> has checked that implementation is even possible.

I think there is a sweet point when developers start to think of
implementing a draft.  Not necessarily WGLC, but a stable document is
preferred with us at NLnet Labs.  (We indicated this also on the mic in
the Prague DNSOP WG meeting (or Singapore?) for the kskroll-sentinel draft.)

As Ralph Dolmans mentioned in his email on the list (specifically for
the kskroll-sentinel draft):
"We need a somewhat stable specification before we make code that will
be used in the real world to prevent pollution and in this case would
make it even harder to do proper measurements."

Above is specific for the kskroll-sentinel draft of course, and for
other drafts this point for adoption to get a (prototype) implementation
can be earlier or later.


-- Benno

-- 
Benno J. Overeinder
NLnet Labs
https://www.nlnetlabs.nl/