[DNSOP] Re: [Ext] Request: Review changes - draft-ietf-dnsop-rfc7958bis-03 → 04.

Edward Lewis <eppdnsprotocols@gmail.com> Mon, 26 August 2024 17:59 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/KMmSRDbAsa_RIycelhrxaxBJWcs>

On Aug 21, 2024, at 18:12, Warren Kumari <warren@kumari.net> wrote:
> My initial email in this thread said:
> 
> "The IANA is eagerly awaiting this becoming a standard so that they can update their trust anchor with the DNSKEY material - so, if you have any strong objections to these changes, please let me know by end of day (anywhere!) on Aug 18th."

Apologies for only replying now, I missed this message in my in-box until I saw Petr’s.

The way that quote is worded makes it sound like a quick approval is important and that this would make something a standard.

Even if this is just a document of how IANA publishes information about its trust anchors for the root zone it administers[1], there ought to be no ambiguity in the meaning of the fields or even the presence/absence of the fields.  Nothing should be left to the imagination of the reader.  There’s no underlying standard regarding trust anchors that supplies default assumptions.  This document then has to stand on its own.

I am a bit surprised that this is a WG document, as it pertains to one operator’s approach in filling an undefined gap in the management of the protocol.  WG review of this is beneficial, arguably the best means to address risks involved and a worthy use of WG time.  Nevertheless, if IANA’s operations are to be defined by IANA, and they should be, then this document is “owned” by IANA and not by DNSOP.

I’m writing this to encourage consideration of Mike St. John’s and Petr Spacek’s comments as opposed to pushing this through because “IANA is eagerly awaiting this becoming a standard.”

[1] qualification recognizing that the DNS protocol can be instantiated in different environments, IANA is administering the root zone for the global public Internet.