Re: [DNSOP] A conversational description of sentinel.

Warren Kumari <warren@kumari.net> Wed, 07 February 2018 09:13 UTC

Return-Path: <warren@kumari.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 05B6E126BF0 for <dnsop@ietfa.amsl.com>; Wed, 7 Feb 2018 01:13:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f4tUYZg6Ef9d for <dnsop@ietfa.amsl.com>; Wed, 7 Feb 2018 01:13:11 -0800 (PST)
Received: from mail-wm0-x229.google.com (mail-wm0-x229.google.com [IPv6:2a00:1450:400c:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 296FE126E01 for <dnsop@ietf.org>; Wed, 7 Feb 2018 01:13:11 -0800 (PST)
Received: by mail-wm0-x229.google.com with SMTP id i186so1728022wmi.4 for <dnsop@ietf.org>; Wed, 07 Feb 2018 01:13:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari-net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=IanJvKQGPzk1oWhzAudJ4RVHM/Ur1lqcGZjzye4wc18=; b=PjP8GLIW9iY3UhH+86OH9E08HgYeX+nlSPZ1/yYM60zNUsj/MnMgRdCFjFjR89vMtx 1wi70tE9xIkTizenmtoDnEfOklSq1oYLyvPw4W7hUlzkxpqBNla7FirZ+rcLQbDfoSlW SXhoX4K2b91+a2r2t1j4keborhXI191U5nHa05zmjXcX/KaZwI+PANWB0XJ2A7b18/ho xxysXSN1spU/9vUylvS79H9/f6LhjPlG1QP0LT8gZKuFzXg81Coq8qCkcbaQDTFCtImg zZPmbMfQLkxoWszBMrBuPz7pI7PPZl9fdr/Mk1rkiPErnIQDNyP+e4EuGgMICWWUKQk0 wTPA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=IanJvKQGPzk1oWhzAudJ4RVHM/Ur1lqcGZjzye4wc18=; b=QD1U2oGzkC+pv8l/74YirBT/yRlWd17Yx73RvxYdHDKzr+ynb00MYtzjwXjJsxa1a9 MVIDYR8BKeIzddCi0TpUdKG7ArmNeCCCY7Ylw+TC2aOB34ikXHtzc6UmC+ib2tJ8PVea IULriukp/j8zeAhP/0dXj+xwMSVGtN6zpxDqDjlITYfnAXV5HmJyOkAVMyZFC7LxmlyA vYy+YTOwbOJQ/hiUInkTsQcWntbqNevoFsCCqEuRAp9jmbatJdbLdGwdYWA4TOr5JnWw /E+vD1qZjpvqiWPo/u3XaT0HNR2SBJr1A+domb6a9rcMa7aydgfBISG3fF2t4Gqdhcaq Xfiw==
X-Gm-Message-State: APf1xPCyLp/wbKo5/W+qMQXbrDQCIgeLodGQFqXboJPm08o59qf3BJyU RA3TJzOvuSC0MWEaxPhb3Ef61Su0sERSsiJW/klu8g==
X-Google-Smtp-Source: AH8x224r2cB4G2tmCxP56i4Uub/b5G7WdnV6zDoKU3LiQ88WQr7TqT9oYy++ZDt4SjWXmGCBHOwiJ1h2b1NnH+fdqPs=
X-Received: by 10.28.245.3 with SMTP id t3mr3961501wmh.134.1517994789297; Wed, 07 Feb 2018 01:13:09 -0800 (PST)
MIME-Version: 1.0
Received: by 10.223.152.242 with HTTP; Wed, 7 Feb 2018 01:12:28 -0800 (PST)
In-Reply-To: <CAHw9_iJXeRXkG8Mr_YuSkVV5HuSWNgRo5x=5=td4MhTGx38_oA@mail.gmail.com>
References: <CAHw9_iKnD4WtTKyof=nm4ChmDZ5mAPqA7a_-m1t_Lauugf4Uow@mail.gmail.com> <D5D013D4-1EAD-434B-863A-29CB1BBEF4E4@vpnc.org> <496EFA88-BA70-460B-BFB2-69B2C7BC905D@apnic.net> <4540A279-4A37-4245-AE61-BEE5342E3F72@vpnc.org> <20180202075530.Horde.UWaxe9eenZ7PyxWYFHCFGdN@andreasschulze.de> <e8ac7bd0-26e6-cf97-e2ef-0ead50dc18ce@nic.cz> <88E7D27C-048E-44CB-B317-C892EA603D31@isc.org> <0c2a4a38-49d7-2b46-1ac8-1dda0812e217@nic.cz> <CAHw9_iJ6yL12OaGW5+fm8M3YUkrj46CvC2-ob7Xrc5HEaA_Z1Q@mail.gmail.com> <f9861a96-a930-bd08-7cf5-5c6b003f706e@nic.cz> <24C74B01-FC08-41CD-BB16-FD122F9EB61A@apnic.net> <alpine.DEB.2.11.1802051246230.30577@grey.csi.cam.ac.uk> <FDFE42D8-B805-4336-A9A5-B81F416B3251@apnic.net> <D07FE583-06F7-436D-97EF-4747B815AD3F@vpnc.org> <20180206094215.Horde.m4xt1lsOwvQ28hAbN1r_Tg4@andreasschulze.de> <alpine.DEB.2.11.1802061221510.30577@grey.csi.cam.ac.uk> <2ffeba22-5cf1-4eb0-b45c-fefb7cf1d8f7@nic.cz> <CBB24E6D-D20D-42CC-95D3-82A37C26BC31@vpnc.org> <fdbd881c-d778-cd0f-a002-f1dd441f519b@nic.cz> <CAHw9_iJXeRXkG8Mr_YuSkVV5HuSWNgRo5x=5=td4MhTGx38_oA@mail.gmail.com>
From: Warren Kumari <warren@kumari.net>
Date: Wed, 07 Feb 2018 04:12:28 -0500
Message-ID: <CAHw9_iK+5roJN6m+Wbvxe8S5GEf4Lx1Ucp8yrsOOsnFucNr_Qw@mail.gmail.com>
To: Petr Špaček <petr.spacek@nic.cz>
Cc: dnsop <dnsop@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/DOvVT_sXg2IQAALJB2J2ojwFnZM>
Subject: Re: [DNSOP] A conversational description of sentinel.
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Feb 2018 09:13:14 -0000

Whoops, last message was blank; finger fail.


On Wed, Feb 7, 2018 at 3:57 AM, Warren Kumari <warren@kumari.net> wrote:
> On Wed, Feb 7, 2018 at 2:15 AM, Petr Špaček <petr.spacek@nic.cz> wrote:
>>
>>
>> On 6.2.2018 17:13, Paul Hoffman wrote:
>>> On 6 Feb 2018, at 8:04, Petr Špaček wrote:
>>>
>>>> On 6.2.2018 13:22, Tony Finch wrote:
>>>>> A. Schulze <sca@andreasschulze.de> wrote:
>>>>>>
>>>>>> Yes, "kskroll-sentinel-is-ta-NNNN" is more descriptive and specific.
>>>>>> I also prefer that longer variant.
>>>>>
>>>>> Yes, more friendly for web searches if someone is wondering about weird
>>>>> queries.
>>>>
>>>> Bonus points if we can get a number reserved by RFC editor, it would
>>>> allow us to use name like
>>>> test-rfc0000-is-ta-NNNN
>>>> test-rfc0000-not-ta-NNNN
>>>>
>>>> That would be super awesome.
>>>
>>> ...and super-unlikely, given the history of the RFC Series.
>>>
>>>> Is something like RFC number pre-allocation possible?
>>>
>>> Sometimes (rarely), after Working Group Last Call. That's why I
>>> suggested "kskroll-sentinel" since those words are in the WG draft name,
>>> and will probably appear in the IETF Datatracker forever.
>>
>> Fine. Now we need to have something actionable, e.g. set of names for
>> Geoff to test.
>>
>> Can we have couple proposals and test them in one go, so results are
>> comparable?
>>
>> I've gathered these:
>>
>> kskroll-sentinel-is-ta-NNNN
>> kskroll-sentinel-not-ta-NNNN
>> is-ta--NNNN
>> not-ta--NNNN
>>
>> I propose longer but more descriptive variant:
>> kskroll-sentinel-dnssec-root-trust-anchor-key-trusted-yes-NNN
>> kskroll-sentinel-dnssec-root-trust-anchor-key-trusted-no-NNNN

<no hats>

I personally like "kskroll-sentinel-is-ta-NNNN", or "is-ta--NNNN".

I really do not like
"kskroll-sentinel-dnssec-root-trust-anchor-key-trusted-yes-NNN" as:
$echo "kskroll-sentinel-dnssec-root-trust-anchor-key-trusted-yes-NNN" | wc -c
   62

(I note that you left off the last N in the "yes" version. While 62 is
within spec, it feels like we are getting really close; I cannot think
of any current issue that this might cause, but I *can* imagine
someone many years from now cursing us when Key IDs get expanded to
128bits to <insert unlikely but possible scenario here>)

I also think that we are getting into the beauty contest territory
here -- some of which may be caused by the fact that the authors
really owe the WG an update.

Whoever would have predicted that a discussion on naming things would
generate so much discussion?! :-)

W

I also note that you ignored my "I-heart-KennyG" suggestion. This
makes me sad. :-P
</no hats>

>>
>> (I imagine that real meaning of name "kskroll-sentinel" will be known by
>> dozen people but hunders or thousands people will encounter it in
>> tcpdump, so why not make life easier for them. It costs almost nothing...)
>>
>> Do we have other proposals?
>>
>> --
>> Petr Špaček  @  CZ.NIC
>>
>> _______________________________________________
>> DNSOP mailing list
>> DNSOP@ietf.org
>> https://www.ietf.org/mailman/listinfo/dnsop
>
>
>
> --
> I don't think the execution is relevant when it was obviously a bad
> idea in the first place.
> This is like putting rabid weasels in your pants, and later expressing
> regret at having chosen those particular rabid weasels and that pair
> of pants.
>    ---maf



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf