Re: [DNSOP] Review of draft-ietf-dnsop-attrleaf

"Murray S. Kucherawy", Wed, 18 July 2018 16:28 UTC

On Wed, Jul 18, 2018 at 12:21 PM, Dave Crocker wrote:

> Folks,
> I'm responding to Murray's impressive proofreading details offlist, but
> there are some points he raises that might need wg discussion:

Aw shucks.

>> The text specifically calls for a stable reference. Do we have guidance
>> about what constitutes such a thing? I believe IANA has its own guidelines
>> to that end; are they available to the Designated Expert?
> I'm inclined to let IANA raise this if they see an issue and then let
> them drive the resolution of this point.

Yeah, I don't have the right answer either, but I'm concerned that we're
asking the DE to make a decision with guidelines she doesn't have (or
worse, come up with some that are not consistent with what IANA usually

> Section 6:
>> I have doubts that SECDIR would accept this one-sentence comment. I
>> suggest saying something more specific, like:
>> "This document establishes a registry, and encourages a slight
>> reorganization of attributes stored in the DNS. It establishes no new
>> security issues."
> The first clause is redundant and makes sense to have here only either if
> the readers of this section haven't read the rest of the document, or if
> the clause is useful to what follows.  I believe neither applies here.

I imagine myself as a SECDIR reviewer, and believe this would be the first
section I would read for any document to which I'm assigned.  Discovering
there a sentence that basically says "None" would get my back up ("We'll
see about that!").

More generally, I have had success with my proposed tactic in the past, so
I thought I'd suggest it here.

> I don't understand the 'encourages' statement but suspect I don't agree.

Reading the document, I got the impression that in your research you
discovered some underscore names that don't quite follow the proposed
placement.  If my inference is wrong, then so is that clause.

> Section 6.1:
>> This seems to me to be content that belongs in its own section outside of
>> Section 6 since it doesn't seem to me to be a security issue, but it's
>> worth saying. Maybe give it its own section between what's now Sections 3
>> and 4?
> Well, I agree it's awkward where it is, but gosh.  An entire major
> section?  For such a small and explanatory -- rather than
> specification/normative bit of text? Mumble.
> If no one minds, I would rather make it Section 1.4, just after the
> sub-section that describes the construct.  I think it actually works well
> there.

That works too.