Re: [DNSOP] draft-fujiwara-dnsop-nsec-aggressiveuse-01.txt

Ray Bellis <ray@bellis.me.uk> Mon, 26 October 2015 15:59 UTC

To: Evan Hunt <each@isc.org>
References: <20150310.191541.52184726.fujiwara@jprs.co.jp> <5753B8EC-60EC-44F3-872E-94766558EE50@redbarn.org> <20151025104914.GA23386@sources.org> <4681433.xxzpcmHjWT@sume.local> <562DED9E.40305@bellis.me.uk> <20151026153219.GA60033@isc.org>
From: Ray Bellis <ray@bellis.me.uk>
Message-ID: <562E4DCE.6030407@bellis.me.uk>
Date: Mon, 26 Oct 2015 15:59:10 +0000
In-Reply-To: <20151026153219.GA60033@isc.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/7WKSQhcMHfRr-x0FpthSwHqCfsM>
Cc: dnsop@ietf.org


On 26/10/2015 15:32, Evan Hunt wrote:

> But RFC 5155 is clear on the subject; empty non-terminal nodes are
> mentioned under "no data" rather than "name error".

Ah, thanks, that's useful to know, and further it specifically says that
the NSEC3 ETN response is different to an NSEC ETN response.

I still think that RFC 4035 merits an errata, with perhaps all that's
required is for the "Name Error" title to be expanded to say "Name Error
Response or Empty Non-Terminal Response" (thus avoiding any implication
that an ETN Response is a subset of a "Name Error Response").

Ray