[DNSOP] KSK-Sentinal: Once more down the naming rathole.

Warren Kumari <warren@kumari.net> Wed, 21 February 2018 19:16 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Kg7AtDhFRNw31He8n0_bMr9hBuE>

"There are 2 hard problems in computer science: cache invalidation,
naming things, and off-by-1 errors."


So, Petr pointed out that the draft says:
Section 3: "Note that the <tag-index> is specified in the DNS label
using hexadecimal notation."

and my demo site (and example presentations) has been using decimal notation.

Knot Resolver 2.1 already does the logic according to the draft (hex),
but is that what the WG wants?

1: RFC1034, Sec 5.3: The DS RR Presentation Format sayeth:
  " The Key Tag field MUST be represented as an unsigned decimal
 integer."
2: dig +multiline DNSKEY . shows keytags as decimal

3: The (authoritative?) IANA file
(http://data.iana.org/root-anchors/root-anchors.xml) lists the keytags
as decimal.

What does the WG prefer? Is the new KSK called "20326" or is it "4f66"?

Hex has the advantage that A: Knot already does this! B: it is shorter
as a label.

What would y'all like?

W
-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf
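
The notation question raised in the message above, as an added Python illustration (not part of the original message, the draft, or Knot Resolver): it reads a tag-index string under both conventions and reports when a decimal-speaking test and a hex-speaking resolver would mean different keys. The function names are assumptions made for this example; the only key tag used is the 20326 / 4f66 pair quoted in the message.

```python
# Added example: interpret a <tag-index> string as decimal and as hex.
# Key tags are 16-bit unsigned values, so anything above 0xFFFF is invalid.
MAX_KEY_TAG = 0xFFFF

def parse_tag_index(text, base):
    """Return the key tag as an int, or None if text is not valid in base."""
    digits = "0123456789" if base == 10 else "0123456789abcdef"
    t = text.lower()
    # Check characters explicitly: int() alone would also accept signs,
    # surrounding whitespace and underscores, none of which belong in a label.
    if not t or any(c not in digits for c in t):
        return None
    value = int(t, base)
    return value if value <= MAX_KEY_TAG else None

def classify(text):
    """Return (decimal_reading, hex_reading, verdict) for a tag-index string."""
    dec = parse_tag_index(text, 10)
    hx = parse_tag_index(text, 16)
    if dec is None and hx is None:
        verdict = "invalid"
    elif dec is not None and hx is not None and dec != hx:
        # Both readings are legal key tags but name different keys.
        verdict = "ambiguous"
    else:
        verdict = "unambiguous"
    return dec, hx, verdict

def render(key_tag):
    """Return the (decimal, hex) spellings of one key tag."""
    if not 0 <= key_tag <= MAX_KEY_TAG:
        raise ValueError("key tag must fit in 16 bits")
    return str(key_tag), format(key_tag, "x")

if __name__ == "__main__":
    # "1234" is a constructed sample, not a real root key tag.
    for sample in ("20326", "4f66", "1234"):
        print(sample, classify(sample))
    print(render(20326))
```

A five-digit decimal tag with a non-zero first digit always exceeds 0xFFFF when read as hex, so it cannot be misread; all-digit strings of four characters or fewer are the ones that silently select a different key under the other convention.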