Re: [DNSOP] HTTPS and SVBC key names.

Dick Franks <rwfranks@gmail.com> Wed, 22 July 2020 17:26 UTC

From: Dick Franks <rwfranks@gmail.com>
Date: Wed, 22 Jul 2020 18:26:21 +0100
Message-ID: <CAKW6Ri7v2=T_HRSAkR1KzMX8ZYHpu3OwwSH7jY6tQyz=ba_67w@mail.gmail.com>
To: Mark Andrews <marka@isc.org>
Cc: Ben Schwartz <bemasc@google.com>, dnsop WG <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/7ZpMjcnCy2NCWXL-9goIoeicVYg>

On Tue, 21 Jul 2020 at 00:25, Mark Andrews <marka@isc.org> wrote:


> > IMHO, tarted up RFC3597 format is easier to read.
>
> Well the presentation form clearly is designed for printable ASCII to be
> rendered as ASCII.
>

Except for the inconvenient fact that Net::DNS also works on OS390 which
speaks EBCDIC.


> Example:
> >
> >     use Net::DNS;
> >
> >     my $rr = new Net::DNS::RR <<'END';
> >     example.net.        300     IN      HTTPS   1 target.example.net.
> >         mandatory=key0,key1,alpn,no-default-alpn,key99  ; with duplications and other sins
> >         alpn=h3-29,h3-28,h3-27,h2
> >         ...



> Which is an interesting conversion of
> "mandatory=key0,key1,alpn,no-default-alpn,key99". I would expect the parser
> to reject the record as mandatory contains “key0” in the list.  I would
> also expect the parser to reject the record as there is no “key99” in the
> record.  I would never expect the parser to strip out keys listed in
> mandatory just because they are not present in the rest of the record.
>

Good idea.
I was only raising these exceptions on received packets, but the same tests
are reasonable for freshly created RR.

--Dick
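
The checks discussed in this exchange (reject a `mandatory` list that names key0, that repeats a key under two spellings, or that names a key absent from the record, rather than silently stripping entries), sketched as an added Python example. It is not Net::DNS code and not from either poster; the function names are hypothetical, and the key numbers are the subset later registered in RFC 9460.

```python
import re

# SvcParamKey numbers as registered in RFC 9460 (subset; others use keyNNNNN).
KEY_NUMBERS = {"mandatory": 0, "alpn": 1, "no-default-alpn": 2,
               "port": 3, "ipv4hint": 4, "ipv6hint": 6}

def key_number(name):
    """Map a presentation-form key name (mnemonic or keyNNNNN) to its number."""
    if name in KEY_NUMBERS:
        return KEY_NUMBERS[name]
    m = re.fullmatch(r"key(0|[1-9][0-9]{0,4})", name)
    if not m or int(m.group(1)) > 65535:
        raise ValueError(f"unknown SvcParamKey {name!r}")
    return int(m.group(1))

def parse_params(tokens):
    """Turn ['alpn=h2', 'no-default-alpn'] into {1: 'h2', 2: ''}; reject repeats."""
    params = {}
    for token in tokens:
        name, _, value = token.partition("=")
        num = key_number(name)
        if num in params:
            raise ValueError(f"SvcParamKey {name} (key{num}) given twice")
        params[num] = value
    return params

def check_mandatory(params):
    """Return the problems found in the mandatory list; empty means acceptable."""
    problems = []
    if 0 not in params:
        return problems
    seen = set()
    for name in params[0].split(","):
        num = key_number(name)  # key1 and alpn both resolve to 1
        if num == 0:
            problems.append(f"{name}: mandatory must not list itself (key0)")
        elif num in seen:
            problems.append(f"{name}: duplicate of key{num} in mandatory")
        elif num not in params:
            problems.append(f"{name}: listed in mandatory but absent from record")
        seen.add(num)
    return problems

# Constructed sample: the two parameters quoted above, plus no-default-alpn
# added here (the original's "..." is not reproduced) so only three faults remain.
SAMPLE = ["mandatory=key0,key1,alpn,no-default-alpn,key99",
          "alpn=h3-29,h3-28,h3-27,h2", "no-default-alpn"]
```

A caller that follows the position taken in the thread raises an error when `check_mandatory` returns a non-empty list, both for received packets and for records built from presentation text.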