Re: [DNSOP] RFC7720 and AXFR

Marc Groeneweg <Marc.Groeneweg@sidn.nl> Mon, 29 October 2018 13:36 UTC

Return-Path: <Marc.Groeneweg@sidn.nl>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DFD0D130F91 for <dnsop@ietfa.amsl.com>; Mon, 29 Oct 2018 06:36:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sidn.nl header.b=PpJNcnL7; dkim=pass (1024-bit key) header.d=sidnka.onmicrosoft.com header.b=g/5rYDHx
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id beirZbxqpKzE for <dnsop@ietfa.amsl.com>; Mon, 29 Oct 2018 06:36:54 -0700 (PDT)
Received: from arn2-kamx.sidn.nl (kamx.sidn.nl [IPv6:2a00:d78:0:147:94:198:152:69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 87626130F6F for <dnsop@ietf.org>; Mon, 29 Oct 2018 06:36:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=sidn.nl; s=sidn-nl; c=relaxed/relaxed; h=dkim-signature:from:to:cc:subject:thread-topic:thread-index:date:message-id:references:in-reply-to:accept-language:content-language:x-ms-has-attach:x-ms-tnef-correlator:user-agent:authentication-results:x-originating-ip:x-ms-publictraffictype:x-microsoft-exchange-diagnostics:x-ms-exchange-antispam-srfa-diagnostics:x-ms-office365-filtering-correlation-id:x-microsoft-antispam:x-ms-traffictypediagnostic:x-microsoft-antispam-prvs:x-exchange-antispam-report-test:x-ms-exchange-senderadcheck:x-exchange-antispam-report-cfa-test:x-forefront-prvs:x-forefront-antispam-report:received-spf:x-microsoft-antispam-message-info:spamdiagnosticoutput:spamdiagnosticmetadata:content-type:mime-version:x-originatororg:x-ms-exchange-crosstenant-network-message-id:x-ms-exchange-crosstenant-originalarrivaltime:x-ms-exchange-crosstenant-fromentityheader:x-ms-exchange-crosstenant-id:x-ms-exchange-transport-crosstenantheadersstamped; bh=tBr6ENqQ2xd0SPzbtNOZv/EpBbILEOYYj9IGSEhA3cw=; b=PpJNcnL7ZDnq4ZeshDCKXgdleJFrgqQFHt5MkN1oeVWX8nY3K0Ek0pbbFGIkNPzlbJfpj05TfZxt0I6TYTOeTRHqRaAyF3c8/ssQWHvf5fJYtByOOo8DLMgIUKgIn6o7UUH2JewNUQz35kCnICI05JoOXIG7z6Fa8uzU8XlZVf6LomMmDO9yiQr+VOp2i904YN/3eXDQMbrauM7xpxgESEJk07MkG1F4gnQVXSd8mea2hSTu2yDRk9RSd+pjwpN3GMis19e4HajOjKaM3tC2N8Pjc7Wo03kftcdp88MzxAuC1IAVDUPx1hr+FTkTBpHnwOnIzCwfx3zdYE7HWnpCew==
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-db3eur04lp0202.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e0c::202]) by arn2-kamx.sidn.nl with ESMTP id w9TDalRE009367-w9TDalRG009367 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=CAFAIL); Mon, 29 Oct 2018 14:36:47 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=SIDNKA.onmicrosoft.com; s=selector1-sidn-nl; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tBr6ENqQ2xd0SPzbtNOZv/EpBbILEOYYj9IGSEhA3cw=; b=g/5rYDHx6/hQxnJjQFVj63KwSqbt0P/lrHZofBWl1EbpyIIim+PWs9eg/OtArOUvIxiqqHXmr/PbyEj7vxT9oNmBEtrNs+D7eys+pQEEL5jSNXLACt3dIpTPZPVxrvS+UDNsoK1vd2w+h/TGKv3QrHN5qAWjEvXB4HBWHtJq9Z8=
Received: from HE1P194MB0188.EURP194.PROD.OUTLOOK.COM (10.171.128.16) by HE1P194MB0137.EURP194.PROD.OUTLOOK.COM (10.171.127.146) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1273.26; Mon, 29 Oct 2018 13:36:46 +0000
Received: from HE1P194MB0188.EURP194.PROD.OUTLOOK.COM ([fe80::517c:2abe:619a:9eb6]) by HE1P194MB0188.EURP194.PROD.OUTLOOK.COM ([fe80::517c:2abe:619a:9eb6%4]) with mapi id 15.20.1273.027; Mon, 29 Oct 2018 13:36:46 +0000
From: Marc Groeneweg <Marc.Groeneweg@sidn.nl>
To: Evan Hunt <each@isc.org>, Grant Taylor <gtaylor=40tnetconsulting.net@dmarc.ietf.org>
CC: "dnsop@ietf.org" <dnsop@ietf.org>
Thread-Topic: [DNSOP] RFC7720 and AXFR
Thread-Index: AQHUbrqMbF2WJPNTC0ajQA7IvdI8JqU03ZcAgAAFwICAAAuRgIABXUSA
Date: Mon, 29 Oct 2018 13:36:46 +0000
Message-ID: <0EF03F0A-EA5D-43A9-8292-EFD78B7B8F86@sidn.nl>
References: <2c00abd8-1c0d-cfee-5a5f-764a90f3f38c@andreasschulze.de> <20181028164441.GA22119@isc.org> <11f5c334-dc1a-07c0-e1b2-d7213be278d3@spamtrap.tnetconsulting.net> <20181028174641.GA22526@isc.org>
In-Reply-To: <20181028174641.GA22526@isc.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.12.0.181014
Authentication-Results: arn2-kamx.sidn.nl; spf=pass (sidn.nl: domain of marc.groeneweg@sidn.nl designates 2a01:111:f400:7e0c::202 as permitted sender) smtp.mailfrom=marc.groeneweg@sidn.nl; dkim=pass header.i=@SIDNKA.onmicrosoft.com
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Marc.Groeneweg@sidn.nl;
x-originating-ip: [2a00:d78:0:300:9cd3:e618:b180:d089]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; HE1P194MB0137; 6:KE+HjPHQs0qNCx3knwUVFkMjeG+QNKzAtQpSQJ2OFHopYZJIMVa4KU8iP9rHJUrtfH+4elPJgsqWk7/Zxky66BEXu4wVCgC7+avq+oTmoEnVblmrShh6VaSmTKb9P5NeerK1Zs4to3BKlJchcTDYzeWLBvxeb1FOd8hgBddgGr0MM8IQca2gVDIlA9Zep/P87/m1FLVXT9GNnZlqV5E1H2aQft9ihFTrN8Rolr1O7NTNrW0qALbKJqOxZjEGxO+RyGfFS9uRbcfXPSl+WmEP6BJ5BVGEWw2gbpeAq8Wxv5ionoLYczRsXydB/5IcXPHODfd1v+KhpnV8HidFrvi6J8pzViJ26ob08rE8c8IUi1vkZuKg5d0n493kZI2eTJ/hWZuzIKzB05zlxA7JNOBFC7nn/YOZtqDegT75LDaDSJSIFGXLDIyc1k8DX6FLMulnaKx+NJrLFtKPkYyo7H6N6Q==; 5:zoYKK14ytN9mP3doayoR4eRRDkWFN7f90u+jxqTXF5w2D/DOSCSLwGHjiFVe0E/e8Y/6ULXGRoi1DnLacvZivd9vlOftfWY+UKS8Q7MqpkvcKwJ+izWFpfJD3jTt3ip9NZGfPirkzekNUhwsleLu6CR6ltgQ6TFz71edfdkMqvk=; 7:2D3Ffe6ILWS9U9vhnpdeoGG8ykR2KAczO0I/yFXrOqpDJrguNBPQgoEl7e9d90PV4CfMCqVo0XVO9hSagUiHRwXCD2hV+HGuZwkTLk+X+ASa76Aq5tURU1/+MiVLHkV3x1QWYogUA+csrUadi7+/9w==
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 562201fc-05c2-48b2-cd83-08d63da3924f
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(7021145)(8989299)(4534185)(7022145)(4603075)(4627221)(201702281549075)(8990200)(7048125)(7024125)(7027125)(7023125)(5600074)(711020)(2017052603328)(7153060)(49563074)(7193020); SRVR:HE1P194MB0137;
x-ms-traffictypediagnostic: HE1P194MB0137:
x-microsoft-antispam-prvs: <HE1P194MB01378299B3FD78B6F14FFD4794F30@HE1P194MB0137.EURP194.PROD.OUTLOOK.COM>
x-exchange-antispam-report-test: UriScan:(158342451672863);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(102415395)(6040522)(2401047)(5005006)(8121501046)(3231382)(944501410)(4983020)(52105095)(3002001)(10201501046)(93006095)(93001095)(148016)(149066)(150057)(6041310)(2016111802025)(20161123562045)(20161123560045)(20161123564045)(20161123558120)(6043046)(201708071742011)(7699051)(76991095); SRVR:HE1P194MB0137; BCL:0; PCL:0; RULEID:; SRVR:HE1P194MB0137;
x-forefront-prvs: 084080FC15
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(396003)(39840400004)(366004)(376002)(136003)(346002)(189003)(199004)(446003)(11346002)(6486002)(2900100001)(71190400001)(71200400001)(6246003)(486006)(102836004)(33656002)(83716004)(2616005)(966005)(229853002)(476003)(25786009)(74482002)(256004)(68736007)(99286004)(46003)(186003)(2906002)(508600001)(72206003)(8676002)(81166006)(76176011)(316002)(106356001)(8936002)(53936002)(58126008)(110136005)(93886005)(81156014)(6506007)(105586002)(6436002)(4326008)(7736002)(99936001)(14454004)(305945005)(82746002)(36756003)(6116002)(86362001)(5250100002)(6512007)(97736004)(6306002)(5660300001); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1P194MB0137; H:HE1P194MB0188.EURP194.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: sidn.nl does not designate permitted sender hosts)
x-microsoft-antispam-message-info: XTZMqjMSRPYVyjh0g/qF1nIUiRfzXDPA9/+N91KnoioolxfVzRp8NxPJtMjnytpRy1EFgyGo9AvOi8CeCQZUSFfKU7YSHzwEuVk2PwWJMQ1JDbPg4MLK1GawXf2vBbqHGBPt/fXtgHLGMuebvtbrljgIaelZ/Ai0P+SolPKSfFykJwXqzbcMBk7KznLa8T+VGdhq+2gW97+V9S9eeMJnPrp3NCRYNCeb5sBd3K+QlNRI2Hd4aNnLZD3h2OEdB1KrgNMmab1m0bp8D8w2Kl7hq7zOrfovcSyQyw1DCYRBEodomHLHTjEBCW4ffdc8ocv98nlrOeKR6wkUxfv1twa6+WMZ1qLY1c8OqvqnmzLMwL0=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha256; boundary="B_3623668605_779715332"
MIME-Version: 1.0
X-OriginatorOrg: sidn.nl
X-MS-Exchange-CrossTenant-Network-Message-Id: 562201fc-05c2-48b2-cd83-08d63da3924f
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Oct 2018 13:36:46.1609 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: ab4d3626-c1c5-4a75-ab85-427f1a644a7d
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1P194MB0137
X-FEAS-SPF: 2 / 2, ip=2a01:111:f400:7e0c::202, helo=eur04-db3-obe.outbound.protection.outlook.com, mailFrom=marc.groeneweg@sidn.nl, headerFrom=marc.groeneweg@sidn.nl
X-FEAS-DKIM: Valid
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/AmdolUSuuNWzAEDTyMXfeoRCv7c>
Subject: Re: [DNSOP] RFC7720 and AXFR
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Oct 2018 13:37:03 -0000

I hear a use-case for draft-wessels-dns-zone-digest

On 28/10/2018, 18:55, "DNSOP on behalf of Evan Hunt" <dnsop-bounces@ietf.org on behalf of each@isc.org> wrote:

    On Sun, Oct 28, 2018 at 11:05:17AM -0600, Grant Taylor wrote:
    > Does root zone local mirroring require that the zone comes from the 
    > lettered root servers themselves?  Or could it come from another server 
    > with the root zone?  Possibly a server that one or more operators set up 
    > specifically for the purpose?
    
    You're right, it could, and I'd forgotten earlier that the appendix
    does also mention lax.xfr.dns.icann.org and iad.xfr.dns.icann.org.
    
    However, the root servers are the root servers. We all know A through M by
    heart, and resolvers have their addresses built in and kept up to date.
    Seems like a useful thing to leverage, if possible.
    
    -- 
    Evan Hunt -- each@isc.org
    Internet Systems Consortium, Inc.
    
    _______________________________________________
    DNSOP mailing list
    DNSOP@ietf.org
    https://www.ietf.org/mailman/listinfo/dnsop