Re: [DNSOP] Éric Vyncke's No Objection on draft-ietf-dnsop-dns-zone-digest-12: (with COMMENT)

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Thu, 08 October 2020 13:45 UTC

Return-Path: <evyncke@cisco.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ACDDB3A07CE; Thu, 8 Oct 2020 06:45:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.598
X-Spam-Level:
X-Spam-Status: No, score=-9.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=ToUsgrEP; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=e/UXyuYQ
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qVqPxoBRICSP; Thu, 8 Oct 2020 06:45:28 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AEAA13A03F5; Thu, 8 Oct 2020 06:45:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3158; q=dns/txt; s=iport; t=1602164728; x=1603374328; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=wJqZOlVtzfRqOQPPZpJigCQko9ujmOySU9IUb8G+fRM=; b=ToUsgrEPDHsHfM4whEgqUwaFXa7fazjw63MJ3OKvr/1GTgVOVZGn+DGy I5vlySSqRRn5HbtNmhoivSEesomGp/Tg8LiGcOoVbWdL4flU07NRjkJse FFiTgSKABbbRBciaXN66VwRQlY3hQpFQyVmajGOSkmzJ71LsX2l1L4CG/ A=;
IronPort-PHdr: 9a23:dx6KwRO/2pn7XQzbxSYl6mtXPHoupqn0MwgJ65Eul7NJdOG58o//OFDEvK8x3lPMVJ/QrfNJl+SQtLrvCiQM4peE5XYFdpEEFxoIkt4fkAFoBsmZQVb6I/jnY21ffoxCWVZp8mv9PR1TH8DzNFHXq2e5qz8fBhu5MhB6daz5H4fIhJGx0Oa/s5TYfwRPgm+7ZrV/ZBW7pAncrI8Ym4xnf60w0RDO5HBPfrdb
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0ACCwD0Fn9f/4MNJK1gHgEBCxIMQIMhKSgHgUkvLIEzgwqDRgONKiaFLIRljmqBQoERA1ULAQEBDQEBLQIEAQEPhDsCF4FzAiU4EwIDAQELAQEFAQEBAgEGBG2FXAyFcgEBAQECARIREQwBATcBCwQCAQgRAwECAQICERUCAgIfERUFAwgCBAoEBSKDBIJMAw4gAZ4dAoE5iGF2gTKDAQEBBYUtDQuCEAmBDiqCcoNrgikbhBIbgUE/gREnDBCCTT6CGkIEgRZHP4JYM4ItkCKCZT2TBZBCUgqCaJVcBIUHAx+DE4oFlBeEU5wikkECBAIEBQIOAQEFgWsjgVdwFWUBgj5QFwINjh8MFxRuAQiCQ4pWdAI1AgYBCQEBAwkBe41MAQE
X-IronPort-AV: E=Sophos;i="5.77,350,1596499200"; d="scan'208";a="835700217"
Received: from alln-core-1.cisco.com ([173.36.13.131]) by rcdn-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 08 Oct 2020 13:45:27 +0000
Received: from XCH-RCD-004.cisco.com (xch-rcd-004.cisco.com [173.37.102.14]) by alln-core-1.cisco.com (8.15.2/8.15.2) with ESMTPS id 098DjRuo029779 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 8 Oct 2020 13:45:27 GMT
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by XCH-RCD-004.cisco.com (173.37.102.14) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 8 Oct 2020 08:45:27 -0500
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 8 Oct 2020 08:45:26 -0500
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Thu, 8 Oct 2020 09:45:26 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=F6ZGyilmDlgGqLBygdpuPzn519PNZfhCN7cdMnJCtcF+pJq9dlxOaC6ofdaS4387H7Nqnin7r4m4j78dAvf8tXgriW30+QdVuhjkZZK5f4Z+LHPt6qRX//nd76/ccpt7lNlir76LdaASxA4ejNVajUQSZ6ssU+6fP/pAN1HOK44zwO+0oN9oMFtGsc8eIVcsSbV/ehsXkE8i/bUmwqIDQSKZyd8vkClIfRICvCtMOYMe2CaHRh7ybmm4d5kyfvPvjR+d9yxzF8ds+GCfC/ik5GEZ/oFGZQDyl2lKpy2mYfEcbHbazr0LbatSXJIptt3JWfRl55b4HamNpe9J5KEOkg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wJqZOlVtzfRqOQPPZpJigCQko9ujmOySU9IUb8G+fRM=; b=nMVyi+bEWWIRTbHc6PQR3JAkwKPKGGwvfCxgk3qSDjj03ijnpONOEWzU3Fnge4W91dbijvwsQzPSCZhOxS0O1/HUk+ftOj5U8gy4LRh3v2rd4gCuSTEchtRqC08kLqvpT9mHjOYgMGypipvvf6qM/UOISs0YCDJtGpqN7ygSm5HrB8Ia1sXQLZZzbF3NJ4lJWCmDGnU+T8w7hDyPAOGkFf/ulPExC8itlcWOu71fG9o/mXQkdwOzCT3LvQHyzZbQH/MENJFb7CUkE3WGryeZa1gE4KlBWnkgJS/mirIvLV8I5aRyzrAAqRq38MJqnlHToGyht1UMGr6sVrmN9fc9HA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wJqZOlVtzfRqOQPPZpJigCQko9ujmOySU9IUb8G+fRM=; b=e/UXyuYQ3A/WnX9GeCFzGrrLIqfLL6M1gFs1Kp9czymiNOObdg0Pa8HoAKZGEk3TxIB9MIoDXAgQuy+15kGxq0IvXcZ2kvf/Ge68VaMBPQNMNTXI8ZrG1INnqIKt+Qdg1PibI4DQwLZ7zRL4K8Q4Yqeh33MdethZSE6miiOnXYU=
Received: from BN6PR11MB1844.namprd11.prod.outlook.com (2603:10b6:404:103::20) by BN6PR11MB1586.namprd11.prod.outlook.com (2603:10b6:405:f::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3433.32; Thu, 8 Oct 2020 13:45:26 +0000
Received: from BN6PR11MB1844.namprd11.prod.outlook.com ([fe80::d525:a81a:74e0:12e7]) by BN6PR11MB1844.namprd11.prod.outlook.com ([fe80::d525:a81a:74e0:12e7%12]) with mapi id 15.20.3455.025; Thu, 8 Oct 2020 13:45:25 +0000
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: "Wessels, Duane" <dwessels=40verisign.com@dmarc.ietf.org>
CC: "draft-ietf-dnsop-dns-zone-digest@ietf.org" <draft-ietf-dnsop-dns-zone-digest@ietf.org>, Tim Wicinski <tjw.ietf@gmail.com>, "dnsop@ietf.org" <dnsop@ietf.org>, "dnsop-chairs@ietf.org" <dnsop-chairs@ietf.org>
Thread-Topic: Éric Vyncke's No Objection on draft-ietf-dnsop-dns-zone-digest-12: (with COMMENT)
Thread-Index: AQHWnI72WEXUdmPkL06jFaq8bNZvmqmMkfIAgAFJAgA=
Date: Thu, 08 Oct 2020 13:45:25 +0000
Message-ID: <782D217A-381F-4233-8B47-868BA1F20D60@cisco.com>
References: <160206406753.9126.4859724450652537152@ietfa.amsl.com> <4E6F88EA-3861-4657-A161-69ABD1177242@verisign.com>
In-Reply-To: <4E6F88EA-3861-4657-A161-69ABD1177242@verisign.com>
Accept-Language: fr-BE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.41.20091302
authentication-results: dmarc.ietf.org; dkim=none (message not signed) header.d=none;dmarc.ietf.org; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [2001:420:c0c1:36:4547:e946:96f1:ba38]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: cf291f6e-8c08-4c90-5ada-08d86b90694a
x-ms-traffictypediagnostic: BN6PR11MB1586:
x-microsoft-antispam-prvs: <BN6PR11MB15860E049B540430C9D1C84CA90B0@BN6PR11MB1586.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: /NMk/rWaUA+8WwpBr+n5V0lcCUXKRNVasDNGf/fz4986u5ScY/97CFp8MptgEagMLC+kVsRVROPh0suSn1eeEa5Nodxy6Igqail8S1Pwq9TpHtQ42FGkAhLqo/Wc4DoR0TMxmJeqRb9r6fHZok90ZrrFHrkpE5pDN15qVzr+NbuMie0eNbwkSpcwEjdifae31djgZiqvoH+3cuKKRxeEKFtcuNRIYKYNwjE2JzUlNGXiDNUFdGqQjeBQczkbMgjbPgomnO+Pr4Owuuk8MMSXYDojoOZTvNTuR7609/0gJvY7jzij0lwH7UiuwjFxYRQWrHFrQioz9ezuaMnLHMHIPg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN6PR11MB1844.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(39860400002)(346002)(396003)(376002)(136003)(6512007)(224303003)(2616005)(6486002)(54906003)(8936002)(478600001)(316002)(4326008)(86362001)(33656002)(6506007)(186003)(53546011)(2906002)(71200400001)(83380400001)(36756003)(66946007)(91956017)(66556008)(66476007)(76116006)(64756008)(66446008)(5660300002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: ArLFUI60Cd4InkGsik+yjN39v82k6qy12zmxpGj+0/I72eV8lQ0dWPy/Y1QuRT1AQyrVM08J5l2J/TzpZBL3GYhCkUxKb9vHHrO/dHR3gtU8TR2u0SLKekbZ63YPGH1R2I7yLlNS9ZGFYPpqXb56OvYzo0srTf0mGzeRvBZ3/rzmcp4qwuPhNQinQuVFR9tZ0E9q9bPqNVNxB6SrJYyWwharyE1Xkqz1QbXC2dmZHFR3SZYgc237beGKZdyoGevJhnOMS2N4kwfJeWTJRX4NjVZ1RjgV71W2wQ/AbSBJwfC7dSMJp+Zszw+/H9PLHCjHK8ruYJQYH1nYzZ19Tlo8eQ32bGFkklQvET0hJYrP2GL57E74PJVvqAygOIJk7MmG+05JcUw8kwfXnf7/7gmRhGBmfSPHjKku+EnN070+GTC00ksbMYZdZG8UMVgtAqwHwTRBr+rlyD6a3UpdEKysy3H2e8TstdxGlF2DZj0Tv0DueBflaR7EVK4xetrCOIqCSQ7JcbWkUQ2wHXnOmuoRNl/vAF5573pKOmx5a3CbgdWcbSEK2/MKyOFpKGh0fTiKPdnb4ghet0u1LItJ1ud9PCCH9AqmRJHLMsLYPJbbq/nzAnSWrPxJhx8MxmKYJ1/bvT4AlIF7mb5sAxZ6zN/BZ98B1pVg9EAJpUPM85BFrFvyIlv4bhnQEsvIAq75kckVZhmBY8vO8sbHFVDHu0X1uA==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <73DA8FDA045EF34E820AF28FD5E38D3C@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN6PR11MB1844.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: cf291f6e-8c08-4c90-5ada-08d86b90694a
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Oct 2020 13:45:25.7668 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: tFEK0xrYM+VOYqlAx6ra7dBaZVsodX1thfY+OLZjFnb3NXA/dX5XUCihM++4/eW73qxxFHGHEvc+xNDEJcmdHg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR11MB1586
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.14, xch-rcd-004.cisco.com
X-Outbound-Node: alln-core-1.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/AHoVNQ5ZnqOoSvWO7np9rJl-7Uc>
Subject: Re: [DNSOP] Éric Vyncke's No Objection on draft-ietf-dnsop-dns-zone-digest-12: (with COMMENT)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Oct 2020 13:45:31 -0000

Thank you Duane for the quick reply and for taking into account my comments

Regards

-éric

-----Original Message-----
From: iesg <iesg-bounces@ietf.org> on behalf of "Wessels, Duane" <dwessels=40verisign.com@dmarc.ietf.org>
Date: Wednesday, 7 October 2020 at 22:08
To: Eric Vyncke <evyncke@cisco.com>
Cc: "draft-ietf-dnsop-dns-zone-digest@ietf.org" <draft-ietf-dnsop-dns-zone-digest@ietf.org>, Tim Wicinski <tjw.ietf@gmail.com>, "dnsop@ietf.org" <dnsop@ietf.org>, "dnsop-chairs@ietf.org" <dnsop-chairs@ietf.org>, The IESG <iesg@ietf.org>
Subject: Re:  Éric Vyncke's No Objection on draft-ietf-dnsop-dns-zone-digest-12: (with COMMENT)



    > On Oct 7, 2020, at 2:47 AM, Éric Vyncke via Datatracker <noreply@ietf.org> wrote:
    > 
    > Éric Vyncke has entered the following ballot position for
    > draft-ietf-dnsop-dns-zone-digest-12: No Objection
    > 
    > ----------------------------------------------------------------------
    > COMMENT:
    > ----------------------------------------------------------------------
    > 
    > Thank you for the work put into this document. I really like the idea of
    > protecting the zone integrity even at rest.
    > 
    > Please find below one non-blocking COMMENT points and one nit. I would really
    > appreciate a reply for my comment about section 1.2.
    > 
    > I hope that this helps to improve the document,
    > 
    > Regards,
    > 
    > -éric
    > 
    > == COMMENTS ==
    > -- Section 1.2 --
    > Why is draft-ietf-dprive-xfr-over-tls not mentioned in this section as an
    > alternative for data on the move?

    Just an oversight.  The document does (did) mention "a future version of DNS-over-TLS"
    which I think was meant as a reference to draft-ietf-dprive-xfr-over-tls when that was
    just getting started.  Ben pointed this out as well and I suggest changing the text to this:

       The Transport Layer Security protocol suite also provides channel
       security.  The DPRIVE working group is in the process of specifying
       DNS Zone Transfer-over-TLS [I-D.ietf-dprive-xfr-over-tls].


    > 
    > == NITS ==
    > -- Section 1.4.3 --
    > Suggest to add "(RPZ)" after the first use of the expansion.
    > 


    Done.

    DW