Re: [DNSOP] New draft on delegation revalidation
Shumon Huque <shuque@gmail.com> Sat, 11 April 2020 17:07 UTC
Return-Path: <shuque@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 706D93A153F for <dnsop@ietfa.amsl.com>; Sat, 11 Apr 2020 10:07:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AVf8Ol50cHrP for <dnsop@ietfa.amsl.com>; Sat, 11 Apr 2020 10:07:30 -0700 (PDT)
Received: from mail-ot1-x32b.google.com (mail-ot1-x32b.google.com [IPv6:2607:f8b0:4864:20::32b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 088D63A153E for <dnsop@ietf.org>; Sat, 11 Apr 2020 10:07:29 -0700 (PDT)
Received: by mail-ot1-x32b.google.com with SMTP id v2so4913189oto.2 for <dnsop@ietf.org>; Sat, 11 Apr 2020 10:07:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=MnQ+qK1OCHYbMwTntDUZqdQYfJFey6HVlJedSPhgTCE=; b=J1Ixy0fbu3Gm4MkwcZKRF1/EaJhuNIxWVqWmqhzTFMN8c8JSAMFpA3BhtbpEEmg69G PueBtEtqY1KHW14EVuVf4j3FeSFBleGrjwczxIME5mO67O0tjwBUwRi9vQ+hw2cC2VYQ N5tvRrnneerlgQ5J8XOxvpdybBsM2beRqqvX3Ca0Hx1Udc1EnHJH9Qrx/KtcdUKXEWdZ 8kdv5J81o1MgNqHStUnIqU4Wkc6qY96OpDtghf/ERmaUaK4Iv6QFH8EO5bNNn3NVwSNY CgXd/VLmKOV1ZOtW+A1uQGpggTfAp0ZJG2lAwtdO4p/epCZiX7S0PW0mEN6njrqKOWIo o58Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=MnQ+qK1OCHYbMwTntDUZqdQYfJFey6HVlJedSPhgTCE=; b=g/lPYjDZV2IJKQfgtTncaXfgNIp4yICv9udqDZWY2To+ptDPDbxQ9v+tQZdFkqsSXl NjWstI4G1O38WLZXwtA40kMBJbK0PGkERRkvEbfC8kX3yZMq1UH/ZLKG9u7gYP0dVk93 etcgoEoxwmrAQoHq7o7+lZRcq6CbuCNU5C++bxyB5QvCIHfLfOeRHBFnp1Pv4jzd61pm VjsN0hR35PZ+VEFhR5lYZZP3uGF17V6b2O4k8kJLcMqFnfzIKII+lcnQLae9/tJqiPky e2fV3rI0djZhY56TqKFWsqocHAoqB6Bs82aRVmEKsXaPTHp+kVwP2lcN65PXlKhtucri 6GaQ==
X-Gm-Message-State: AGi0PuZY28WbvtIHeQZEJJymLhK/L5nkNZV11VCV6FOBpHN4Vlv+bvCS 6+Owf5zgTepVFElaubmvBEpGHRrX6FXyUoAL6LM=
X-Google-Smtp-Source: APiQypK6U0hxtBTup/I2BchZH0sjoUEzsWM3mOwSRCK5DJ7xIkxGeRecvgYy+s7+zVHbpk8OsSSMfNkusO/Eyw+24f8=
X-Received: by 2002:a05:6830:199:: with SMTP id q25mr8860188ota.341.1586624849227; Sat, 11 Apr 2020 10:07:29 -0700 (PDT)
MIME-Version: 1.0
References: <CAHPuVdV9eSCLQOqMF0cq8fHcuSZs7nCgjhHMfMoaV5H=ekbtSA@mail.gmail.com> <CAH1iCiqcdQCDs0gY=+zJdkfLx4+mbEAzSZp1hPJuyM5U0KTAiQ@mail.gmail.com> <CAHPuVdUjsC62TK-4WeaL-TWgBpz_qk7mQb=JqGQd5U_djXNA3Q@mail.gmail.com> <20200411163402.GA16602@sources.org>
In-Reply-To: <20200411163402.GA16602@sources.org>
From: Shumon Huque <shuque@gmail.com>
Date: Sat, 11 Apr 2020 13:07:18 -0400
Message-ID: <CAHPuVdX5ihg5_hiwyatuXXxvUG6Luh1nQeFGtfvsm-f--bxYGQ@mail.gmail.com>
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>
Cc: Brian Dickson <brian.peter.dickson@gmail.com>, "dnsop@ietf.org WG" <dnsop@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000087b23605a306e251"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/CrujMZSh_FrH9qR1dl-psSiwEv0>
Subject: Re: [DNSOP] New draft on delegation revalidation
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Apr 2020 17:07:31 -0000
On Sat, Apr 11, 2020 at 12:38 PM Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote: > On Sat, Apr 11, 2020 at 09:22:42AM -0400, > Shumon Huque <shuque@gmail.com> wrote > a message of 138 lines which said: > > > I've heard proposals in the past that TLDs should routinely scan all > > their delegations to identify such problems, but I gather this is a > > challenging requirement to impose on them for various reasons. > > Also, delegation is not only done by TLDs. The problem, already huge > with only the TLDs, would be even worse with all the delegating > domains. > Sure. Brian was asking specifically asking about the TLD case, so my answer was in that context. For that space, I think one of the issues is: even if they were willing to verify all the delegations, it isn't clear what they are permitted to do about it, beyond notification to the registrants (or so I've heard). Shumon.
- Re: [DNSOP] New draft on delegation revalidation Mark Andrews
- [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Bob Harold
- Re: [DNSOP] New draft on delegation revalidation Tim Wicinski
- Re: [DNSOP] New draft on delegation revalidation Brian Dickson
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Stephane Bortzmeyer
- Re: [DNSOP] New draft on delegation revalidation Stephane Bortzmeyer
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation John Levine
- Re: [DNSOP] New draft on delegation revalidation Paul Vixie
- Re: [DNSOP] New draft on delegation revalidation Paul Vixie
- Re: [DNSOP] New draft on delegation revalidation Puneet Sood
- Re: [DNSOP] New draft on delegation revalidation Ólafur Guðmundsson
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation John R Levine
- Re: [DNSOP] New draft on delegation revalidation Bob Harold
- Re: [DNSOP] New draft on delegation revalidation Gavin McCullagh
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Patrick Mevzek
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Patrick Mevzek
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Joe Abley
- Re: [DNSOP] New draft on delegation revalidation Vladimír Čunát
- Re: [DNSOP] New draft on delegation revalidation Giovane C. M. Moura
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Gavin McCullagh
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] Privacy and DNSSEC Vladimír Čunát
- Re: [DNSOP] Privacy and DNSSEC Paul Vixie
- Re: [DNSOP] Privacy and DNSSEC Masataka Ohta
- Re: [DNSOP] Privacy and DNSSEC Vittorio Bertola
- Re: [DNSOP] New draft on delegation revalidation Joe Abley
- Re: [DNSOP] New draft on delegation revalidation Paul Vixie
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] Privacy and DNSSEC Shumon Huque
- [DNSOP] Client Validation - filtering validation? Brian Dickson
- Re: [DNSOP] Privacy and DNSSEC Paul Vixie
- Re: [DNSOP] Privacy and DNSSEC Mark Andrews
- Re: [DNSOP] New draft on delegation revalidation Giovane C. M. Moura
- Re: [DNSOP] Client Validation - filtering validat… Vittorio Bertola
- Re: [DNSOP] Client Validation - filtering validat… Paul Wouters
- Re: [DNSOP] Client Validation - filtering validat… S Moonesamy
- Re: [DNSOP] Client Validation - filtering validat… John Levine
- Re: [DNSOP] Client Validation - filtering validat… Paul Vixie
- Re: [DNSOP] Privacy and DNSSEC Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] Privacy and DNSSEC Paul Vixie
- Re: [DNSOP] Privacy and DNSSEC Shumon Huque
- Re: [DNSOP] Privacy and DNSSEC Paul Wouters
- Re: [DNSOP] Privacy and DNSSEC Shumon Huque
- Re: [DNSOP] Privacy and DNSSEC Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Daniel Migault
- Re: [DNSOP] Privacy and DNSSEC Paul Vixie
- Re: [DNSOP] Privacy and DNSSEC Paul Vixie
- Re: [DNSOP] New draft on delegation revalidation Giovane C. M. Moura
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Daniel Migault
- Re: [DNSOP] New draft on delegation revalidation Giovane C. M. Moura
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Petr Špaček
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Giovane C. M. Moura
- Re: [DNSOP] New draft on delegation revalidation Petr Špaček
- Re: [DNSOP] New draft on delegation revalidation Paul Vixie
- Re: [DNSOP] New draft on delegation revalidation Gavin McCullagh
- Re: [DNSOP] New draft on delegation revalidation Shumon Huque
- Re: [DNSOP] New draft on delegation revalidation Paul Vixie