Re: [DNSOP] Delegation acceptance checks [was: Re: [Ext] WGLC rfc8499bis one week extension for lame delegation definition]
Mark Andrews <marka@isc.org> Fri, 12 May 2023 02:04 UTC
Return-Path: <marka@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9E39DC16953E for <dnsop@ietfa.amsl.com>; Thu, 11 May 2023 19:04:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isc.org header.b="ju8DhuPk"; dkim=pass (1024-bit key) header.d=isc.org header.b="OBeI0LR3"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WEwrujA8NBDE for <dnsop@ietfa.amsl.com>; Thu, 11 May 2023 19:04:12 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [149.20.64.53]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B48A4C16951C for <dnsop@ietf.org>; Thu, 11 May 2023 19:04:12 -0700 (PDT)
Received: from zimbrang.isc.org (zimbrang.isc.org [149.20.1.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx.pao1.isc.org (Postfix) with ESMTPS id 182F93AB01F; Fri, 12 May 2023 02:04:11 +0000 (UTC)
ARC-Filter: OpenARC Filter v1.0.0 mx.pao1.isc.org 182F93AB01F
Authentication-Results: mx.pao1.isc.org; arc=none smtp.remote-ip=149.20.1.12
ARC-Seal: i=1; a=rsa-sha256; d=isc.org; s=ostpay; t=1683857051; cv=none; b=KrgzNHcPG2uQ0+Kzb7qYIrBaO2vcNcCICGpw+XFJvnyw2ReKyBprCOkBOIyGUO5/YDIgogFM6F6QEhzkFhw6ijxyhD/fr6ZZ0HX6Q0XsES1qVH+Q6GdKLdzr+3TbUf0YLvg/0qVDHbiqfX1qVv1zNKJfo24MxYlFM6cq1QMXXW8=
ARC-Message-Signature: i=1; a=rsa-sha256; d=isc.org; s=ostpay; t=1683857051; c=relaxed/relaxed; bh=Fun1lSqumUyka3oIsaqRAP9wIOCbnPk3F/I+xdz8BEo=; h=DKIM-Signature:DKIM-Signature:Mime-Version:Subject:From:Date: Message-Id:To; b=Pdjcc7lQMpwcDXS7WJiB3zB63qONCqvzrErvZMWiKUoLJaCfIdj2zyEzjlpPLt4nZE0Ge2Yxa0IPYG+a2Q3/3rPP8w8qWHENYrcyx672OBRnsmV4HShG6RvjPXvG5JU2H8OXu8BWpX3n/NPLWMtRhD29dBPUvVT77hyLlsdvZq0=
ARC-Authentication-Results: i=1; mx.pao1.isc.org
DKIM-Filter: OpenDKIM Filter v2.10.3 mx.pao1.isc.org 182F93AB01F
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=isc.org; s=ostpay; t=1683857051; bh=1leAd+SlJsAWRJBszRgQSpTwPnG5bkObWkwSTjhVQ0o=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=ju8DhuPkVU1MzikYbe7CBHQCELxDRAp4jxDDsHeFTdod+chyjlio6u6P2lQob51CH Nl9lgGph3Sqz6MvpY7oyJGK3tmmSfpyr0w5tZoCgMk0dnJkQAngCkxQRguTyN1yU05 qUNEaJCjGbd+jaeF0tU5Y450ZTwFmRWgsNC+JSOA=
Received: from zimbrang.isc.org (localhost.localdomain [127.0.0.1]) by zimbrang.isc.org (Postfix) with ESMTPS id 0D11DFEC6E7; Fri, 12 May 2023 02:04:11 +0000 (UTC)
Received: from localhost (localhost.localdomain [127.0.0.1]) by zimbrang.isc.org (Postfix) with ESMTP id D7A4BFEC6E8; Fri, 12 May 2023 02:04:10 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.10.3 zimbrang.isc.org D7A4BFEC6E8
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isc.org; s=05DFB016-56A2-11EB-AEC0-15368D323330; t=1683857050; bh=Fun1lSqumUyka3oIsaqRAP9wIOCbnPk3F/I+xdz8BEo=; h=Mime-Version:From:Date:Message-Id:To; b=OBeI0LR3l9EYeBQPX2ZISqsgU+EA/B+zKQOHZHaoOgZrHy+W2P4ls1IZsjXSN7LPu Tu5bK5jcy02g/2+1ZBqYDAsml5+XREoOYTmDT58CPleOSfHZVsIZkJ5Jg8BhDJcQr3 hVbTXQUjJHvu4JY6dTwUnFH1g5BizPTzkmVLUH9U=
Received: from zimbrang.isc.org ([127.0.0.1]) by localhost (zimbrang.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id oMDAh2CgyHJV; Fri, 12 May 2023 02:04:10 +0000 (UTC)
Received: from smtpclient.apple (n49-187-27-239.bla1.nsw.optusnet.com.au [49.187.27.239]) by zimbrang.isc.org (Postfix) with ESMTPSA id 25390FEC6E7; Fri, 12 May 2023 02:04:09 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.500.231\))
From: Mark Andrews <marka@isc.org>
In-Reply-To: <20230512013510.2ACD2D670AF9@ary.qy>
Date: Fri, 12 May 2023 12:04:09 +1000
Cc: dnsop@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <A7E2E387-559B-4623-8218-887ED583F57E@isc.org>
References: <20230512013510.2ACD2D670AF9@ary.qy>
To: John Levine <johnl@taugh.com>
X-Mailer: Apple Mail (2.3731.500.231)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/D5fW0fESxH4JQ9yBOfR6iKRfefg>
Subject: Re: [DNSOP] Delegation acceptance checks [was: Re: [Ext] WGLC rfc8499bis one week extension for lame delegation definition]
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 May 2023 02:04:16 -0000
> On 12 May 2023, at 11:35, John Levine <johnl@taugh.com> wrote: > > It appears that Mark Andrews <marka@isc.org> said: >>> Oh, I completely agree. My point was just that even in the root which is small and you >>> would hope would change slowly, it's still a challenge to track what's lame. >> >> It’s not a challenge to track what is lame. It’s dead simple. You just have to look. Getting >> it addressed is the challenge. > > Yeah, that's a better way to put it. But the main point still stands, > that it would be a signficant operational change to insist that all > delegated NS be active when delegated, and even moreso to insist that > they continue to be active. No, it is not a “significant” change. It should just be a minor extension of the existing requirement to keep the NS and glue records consistent. Even if it was you just introduce it with a soft start. Just start checking the delegations of every TLD like zone then report the broken servers publicly and email the contacts for the delegation. The tools for checking already exist. RFC 4034, 4.2.2. As the last installation step, the delegation NS RRs and glue RRs necessary to make the delegation effective should be added to the parent zone. The administrators of both zones should insure that the NS and glue RRs which mark both sides of the cut are consistent and remain so. > Back in the 1990s when you registered names by email, NetSol checked > that your NS were active before accepting them, but that was back when > it was normal for the back and forth for registering a name to take a > week. > > R's, > John -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Paul Wouters
- [DNSOP] WGLC rfc8499bis one week extension for la… Benno Overeinder
- Re: [DNSOP] WGLC rfc8499bis one week extension fo… George Michaelson
- Re: [DNSOP] WGLC rfc8499bis one week extension fo… Joe Abley
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Peter Thomassen
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Peter Thomassen
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Paul Hoffman
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Tim Wicinski
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Wessels, Duane
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… John Kristoff
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Hollenbeck, Scott
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… libor.peltan
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Brian Dickson
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Mark Delany
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Joe Abley
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Paul Vixie
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Wes Hardaker
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Paul Vixie
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Ralf Weber
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Magnus Sandberg
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Frederico A C Neves
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Peter Thomassen
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Wes Hardaker
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Paul Wouters
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Joe Abley
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Joe Abley
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Peter Thomassen
- Re: [DNSOP] WGLC rfc8499bis one week extension fo… John Kristoff
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Warren Kumari
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Havard Eidnes
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Havard Eidnes
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Warren Kumari
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Edward Lewis
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Edward Lewis
- Re: [DNSOP] WGLC rfc8499bis one week extension fo… Donald Eastlake
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Edward Lewis
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Havard Eidnes
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Mark Delany
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Warren Kumari
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Havard Eidnes
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Havard Eidnes
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Joe Abley
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Mark Andrews
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… George Michaelson
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Mark Andrews
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Brian Dickson
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Joe Abley
- [DNSOP] Delegation acceptance checks [was: Re: [E… Peter Thomassen
- Re: [DNSOP] Delegation acceptance checks [was: Re… Warren Kumari
- Re: [DNSOP] Delegation acceptance checks Havard Eidnes
- Re: [DNSOP] Delegation acceptance checks [was: Re… Mark Delany
- Re: [DNSOP] Delegation acceptance checks [was: Re… Joe Abley
- Re: [DNSOP] [Ext] WGLC rfc8499bis one week extens… Edward Lewis
- Re: [DNSOP] Delegation acceptance checks [was: Re… Brian Dickson
- Re: [DNSOP] Delegation acceptance checks [was: Re… John Levine
- Re: [DNSOP] Delegation acceptance checks [was: Re… Dr Eberhard W Lisse
- Re: [DNSOP] Delegation acceptance checks Dr Eberhard W Lisse
- Re: [DNSOP] WGLC rfc8499bis one week extension fo… Benno Overeinder
- Re: [DNSOP] Delegation acceptance checks Havard Eidnes
- Re: [DNSOP] Delegation acceptance checks Joe Abley
- Re: [DNSOP] Delegation acceptance checks [was: Re… John Levine
- Re: [DNSOP] Delegation acceptance checks [was: Re… Mark Andrews
- Re: [DNSOP] Delegation acceptance checks [was: Re… Peter Thomassen
- Re: [DNSOP] Delegation acceptance checks Peter Thomassen
- Re: [DNSOP] Delegation acceptance checks Mark Elkins
- Re: [DNSOP] Delegation acceptance checks [was: Re… John Levine
- Re: [DNSOP] Delegation acceptance checks [was: Re… Kim Davies
- Re: [DNSOP] Delegation acceptance checks [was: Re… Mark Andrews
- Re: [DNSOP] Delegation acceptance checks [was: Re… John Levine
- Re: [DNSOP] Delegation acceptance checks [was: Re… Mark Andrews
- Re: [DNSOP] Delegation acceptance checks [was: Re… John R Levine
- Re: [DNSOP] Delegation acceptance checks [was: Re… Mark Andrews
- Re: [DNSOP] Delegation acceptance checks [was: Re… Rubens Kuhl
- Re: [DNSOP] Delegation acceptance checks [was: Re… John R Levine
- Re: [DNSOP] Delegation acceptance checks [was: Re… Edward Lewis