IETF Logo Mail Archive

Re: [DNSOP] draft-ietf-dnsop-rfc6598-rfc6303-01

"William F. Maton Sotomayor" <wmaton@ottix.net> Thu, 14 August 2014 00:57 UTC

Return-Path: <wmaton@ottix.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 25A741A0651 for <dnsop@ietfa.amsl.com>; Wed, 13 Aug 2014 17:57:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.568
X-Spam-Level:
X-Spam-Status: No, score=-2.568 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.668] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6vc22YQfa_iV for <dnsop@ietfa.amsl.com>; Wed, 13 Aug 2014 17:57:49 -0700 (PDT)
Received: from iskra.ottix.net (iskra.ottix.net [IPv6:2001:410:90ff::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2793B1A0650 for <dnsop@ietf.org>; Wed, 13 Aug 2014 17:57:49 -0700 (PDT)
Received: from iskra.ottix.net (localhost [127.0.0.1]) by iskra.ottix.net (8.14.9/8.14.9) with ESMTP id s7E0vlPT004773 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for <dnsop@ietf.org>; Wed, 13 Aug 2014 20:57:47 -0400
Received: from localhost (wmaton@localhost) by iskra.ottix.net (8.14.9/8.14.6/Submit) with ESMTP id s7E0vkSQ004767 for <dnsop@ietf.org>; Wed, 13 Aug 2014 20:57:47 -0400
Date: Wed, 13 Aug 2014 20:57:46 -0400
From: "William F. Maton Sotomayor" <wmaton@ottix.net>
To: dnsop@ietf.org
In-Reply-To: <20140814001610.3124D1CC688D@rock.dv.isc.org>
Message-ID: <alpine.DEB.2.03.1408132051001.20506@iskra.ottix.net>
References: <20140814001610.3124D1CC688D@rock.dv.isc.org>
User-Agent: Alpine 2.03 (DEB 1266 2009-07-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/AJPzPfE0cJD4TaIpA35GXi3wD0w
Subject: Re: [DNSOP] draft-ietf-dnsop-rfc6598-rfc6303-01
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Aug 2014 00:57:52 -0000

Hi

I have read through this and would support its progress.  A reminder for 
the record would not be a bad idea I think.

On Thu, 14 Aug 2014, Mark Andrews wrote:

>
> 	Can we please move on this.
>
> 	The reverse address are not yet insecurely delegated as
> 	would be required for RFC 6598 compliance.  This is starting
> 	to cause operational problems for ISP's that validate DNS
> 	responses as they can't deploy local IN-ADDR.ARPA zones
> 	until that insecure delegation is done.
>
> 	Also should I add a reminder to the IANA Considerations that
> 	the insecure delegation needs to be performed?
>
> 	e.g.
>
> 	"IANA is reminded that a insecure delegation for these zones
> 	is required for compliance with RFC 6598 to break the DNSSEC
> 	chain of trust."
>
> 	Mark
> -- 
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE:	+61 2 9871 4742		         INTERNET: marka@isc.org
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
>

wfms

v2.30.2 | Report a Bug | By Email | System Status