Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-negative-trust-anchors
Warren Kumari <warren@kumari.net> Tue, 12 May 2015 15:14 UTC
Return-Path: <warren@kumari.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE5441A8938 for <dnsop@ietfa.amsl.com>; Tue, 12 May 2015 08:14:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZGwE70ZMUoLZ for <dnsop@ietfa.amsl.com>; Tue, 12 May 2015 08:14:47 -0700 (PDT)
Received: from mail-wg0-f50.google.com (mail-wg0-f50.google.com [74.125.82.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E6451A0193 for <dnsop@ietf.org>; Tue, 12 May 2015 08:14:47 -0700 (PDT)
Received: by wgin8 with SMTP id n8so13759407wgi.0 for <dnsop@ietf.org>; Tue, 12 May 2015 08:14:46 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=9896lROMCf6rQcpymP+TlLEMloZQ72ONhNaWLGZx6kg=; b=XjiW4dvTsJoWrjCZhqDXbQOuCqUqhUpcDC5+TiO10aCavbumg8eJ5Smfgc7tT5VNLE uwZ72hEDbKAuFLPYyKgUc+40/yHcdFPB0ShIZMZQzNuGowquVnwxv0a6H5Fit0NBVFPX DRcT4noYy0KkNML1PGNZheW7uy/Bsvgz88uBSBple5/j9aIbE+vzOi3IUuVvZ3Mjw62i fxTEnaZ6aw7vg7RXBFstxdC/Lwf3HMjtbVHKiPPt6mQ+qrITSHnHXfanPT2Vp+sULegi +PPOp4NkriPXmxKzHH2jc9N41cxiOONx7zdZ1ukWzn8nFeG+Nh2Zay/kfKei8ffUfGLb lxgw==
X-Gm-Message-State: ALoCoQns0o5gt5Nidz8clqCodLXukgMZvS4eGwvIT+IFcLXjqDiBvRuRFI+tmMTD5HUXe0/Qzs7X
MIME-Version: 1.0
X-Received: by 10.194.104.201 with SMTP id gg9mr30374274wjb.113.1431443686225; Tue, 12 May 2015 08:14:46 -0700 (PDT)
Received: by 10.194.47.36 with HTTP; Tue, 12 May 2015 08:14:46 -0700 (PDT)
In-Reply-To: <20150512150037.GA99014@isc.org>
References: <553EBF02.3050703@gmail.com> <CAJE_bqc-T75k3sQZKtAF1VHp49biGn+Es5v5FivNSz5e3oB-Cg@mail.gmail.com> <CAHw9_iL9RLp0jynT0m_D6dGZYhmdonvBC-5ifTdB63eh5gvBeg@mail.gmail.com> <CAJE_bqesFPG6d3UsFmtFRjUBQqfifHkaBMR0sXAaNKuN10HL4A@mail.gmail.com> <CAHw9_iLbx_soi1+LaSwMKarLcT1kBCrFdaX8diwMVZp70KeePA@mail.gmail.com> <20150509185028.GB74933@isc.org> <CAJE_bqcJN+RL8NF5NoLTL2y6-mpC1Maf8y_msie7MgYxkV4B3A@mail.gmail.com> <CA+nkc8A7SgQS6FNaXOGx1f4qKhSYTsGvR2keTWiksB6H47J=AQ@mail.gmail.com> <20150511172610.GB7209@isc.org> <CAHw9_iK+0HO13dFuaMppGFvtNbKHqRxF6AQDp9=fj6dQRAGuPg@mail.gmail.com> <20150512150037.GA99014@isc.org>
Date: Tue, 12 May 2015 17:14:46 +0200
Message-ID: <CAHw9_i+8mefSb_WCTdqrJLNW-=O-rOVLkk+UXWzYJ2zN55mjfA@mail.gmail.com>
From: Warren Kumari <warren@kumari.net>
To: Evan Hunt <each@isc.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/Iir-KIq8N2s2a8fAlI5Bx0nFl5k>
Cc: Tim Wicinski <tjw.ietf@gmail.com>, Bob Harold <rharolde@umich.edu>, dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-negative-trust-anchors
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 May 2015 15:14:49 -0000
On Tue, May 12, 2015 at 5:00 PM, Evan Hunt <each@isc.org> wrote: > On Tue, May 12, 2015 at 11:44:28AM +0200, Warren Kumari wrote: >> "An NTA placed at a node where there is a configured positive trust >> anchor MUST take precendence over that trust anchor, effectively >> disabling it. Implementations SHOULD issue a warning or informational >> message when this occurs, so that operators are not surprised when >> this happens." >> >> Just added. Seem good? > > I'd have gone with MAY instead of SHOULD, but that's a quibble: > it's fine. Changed. This gave me an excuse to bump the version number to -10, which scratches my OCD itch. :-) W > > -- > Evan Hunt -- each@isc.org > Internet Systems Consortium, Inc. -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf
- [DNSOP] Working Group Last Call for draft-ietf-dn… Tim Wicinski
- Re: [DNSOP] Working Group Last Call for draft-iet… Olafur Gudmundsson
- Re: [DNSOP] Working Group Last Call for draft-iet… 神明達哉
- Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
- Re: [DNSOP] Working Group Last Call for draft-iet… Evan Hunt
- Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
- Re: [DNSOP] Working Group Last Call for draft-iet… Paul Hoffman
- Re: [DNSOP] Working Group Last Call for draft-iet… Rose, Scott W.
- Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
- Re: [DNSOP] Working Group Last Call for draft-iet… Dan York
- Re: [DNSOP] Working Group Last Call for draft-iet… 神明達哉
- Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
- Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
- Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
- Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
- Re: [DNSOP] Working Group Last Call for draft-iet… Paul Hoffman
- Re: [DNSOP] Working Group Last Call for draft-iet… Paul Hoffman
- Re: [DNSOP] Working Group Last Call for draft-iet… Evan Hunt
- Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
- Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
- Re: [DNSOP] Working Group Last Call for draft-iet… 神明達哉
- Re: [DNSOP] Working Group Last Call for draft-iet… 神明達哉
- Re: [DNSOP] Working Group Last Call for draft-iet… Bob Harold
- Re: [DNSOP] Working Group Last Call for draft-iet… Evan Hunt
- Re: [DNSOP] Working Group Last Call for draft-iet… Evan Hunt
- Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
- Re: [DNSOP] Working Group Last Call for draft-iet… Ralf Weber
- Re: [DNSOP] Working Group Last Call for draft-iet… Evan Hunt
- Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
- Re: [DNSOP] Working Group Last Call for draft-iet… 神明達哉