Re: [DNSOP] I-D Action: draft-ietf-dnsop-ns-revalidation-02.txt

Joe Abley <jabley@hopcount.ca> Wed, 09 March 2022 15:19 UTC

From: Joe Abley <jabley@hopcount.ca>
Date: Wed, 09 Mar 2022 10:19:10 -0500
Message-Id: <A35BB3F2-069F-451D-9537-79D391C617B9@hopcount.ca>
References: <CAHPuVdVpH_H9B487HgBypVQ8xFMXNsOiGopkSO6yM5BTjc-G9w@mail.gmail.com>
Cc: Paul Wouters <paul.wouters=40aiven.io@dmarc.ietf.org>, dnsop <dnsop@ietf.org>
In-Reply-To: <CAHPuVdVpH_H9B487HgBypVQ8xFMXNsOiGopkSO6yM5BTjc-G9w@mail.gmail.com>
To: Shumon Huque <shuque@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Fpiha3zbaRfJ2Y3vl07Xd72kuMA>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-ns-revalidation-02.txt

On Mar 9, 2022, at 00:12, Shumon Huque <shuque@gmail.com> wrote:

>> This document looks good. Some comments:
>> 
>>     In fact, the Extensible Provisioning
>>     Protocol (EPP) [RFC5731], that is often used by TLDs to configure
>>     delegation parameters has no provision to set the TTL.  This inhibits
>>     a child zone owner's ability to make more rapid changes
>> 
>> This is somewhat misleading. Even if EPP had the functionality, the
>> parent zone would still want to set their own TTL to reasonable values
>> for _their_ deployment considerations. So the implication of the problem
>> of "EPP cannot set TTL" is not really right. I would remove this text.
> 
> The first sentence is fact.

Since the E in EPP stands for extensible, and since there's an active community (an active IETF working group, even, with participants who are registry operators) working on such extensions, I'm not sure the truth of the first sentence is useful generally.

In any case, I agree with Paul that the operator of a child zone generally should have no expectation of being able to influence the TTL in the delegation NS set (above the zone cut).

I also think it makes sense just to remove this commentary. 

>>    When a delegation response is received during iteration, a
>>     validation query should be sent in parallel with the resolution of
>>     the triggering query

"Referral response" not "delegation response" I think. 


Joe