[DNSOP] KSK-Sentinal: Once more down the naming rathole.
Warren Kumari <warren@kumari.net> Wed, 21 February 2018 19:16 UTC
Return-Path: <warren@kumari.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id F37FD1289B0
for <dnsop@ietfa.amsl.com>; Wed, 21 Feb 2018 11:16:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=kumari-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id hcObKZAsV-sQ for <dnsop@ietfa.amsl.com>;
Wed, 21 Feb 2018 11:16:13 -0800 (PST)
Received: from mail-wr0-x231.google.com (mail-wr0-x231.google.com
[IPv6:2a00:1450:400c:c0c::231])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 39177124BAC
for <dnsop@ietf.org>; Wed, 21 Feb 2018 11:16:13 -0800 (PST)
Received: by mail-wr0-x231.google.com with SMTP id n7so7571648wrn.5
for <dnsop@ietf.org>; Wed, 21 Feb 2018 11:16:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=kumari-net.20150623.gappssmtp.com; s=20150623;
h=mime-version:from:date:message-id:subject:to;
bh=2JkzA72aFtPQqgecnT5RWu2viucWI/Hp1FF4hjI25dU=;
b=0txIxCr3358NaUFCx3OmcbyQ8XhT5MuSoSZuX2M7XpCTXo/D97g7v19czqn4SBNfv2
ScbywbNoAdE1p+sNs8VtxFHfLKZY5CK99CzZJ+PIrBWtzAUSHWFGDC1s9ikaC6i7VuUQ
cLqZefHm5nID0AAQYuyZOsnb5QVV/vjxDexg3pi7ZANtxkMQVULOviL4jWD5BOd58f7D
D6B6qOlvs6+rCDO6NF5rYbK/zpcw4gCzTTh64jpMulrpkx0zM6ZjvnFofLxCDwXmsEAx
4kEk8D1rLtPfWMPg3MdDG3QCoRtNWEsnK0u4ijn/MYqeLsQNMVPVbO37DdehqCy1do66
o21A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
bh=2JkzA72aFtPQqgecnT5RWu2viucWI/Hp1FF4hjI25dU=;
b=RbCQYZ28pwo0n/7nFEqyGrQSGJt4vcaUtVTNcMVinjj43X1cHjTKf++ys4AOrKKstJ
8y8fAMcGkM3Z+dJ4zqTcnxvzwmjRMVTRTuYxVQCh0mhsf3YDbJsF1q5r9ftnykcBKgOa
tDtGiQI8tVXkONrWxbw7BqzzrKxLAHHKf9wgmBwlM6z/lIQdDLVjzlf9vcSAFHCRXPM4
fAbmigVbvoWTGtxmSosAs/X+tWPtoyAUIRfV6fiHPp1Xyd70iMirIOoDPkXAJYHav8Gx
mFFwqtN1ku1smHvXWbNMNs5QmJOVjgIX29L4/L8Mexq+efszFbZjdYZGpOOS2l6cDArA
cNjA==
X-Gm-Message-State: APf1xPAZZcJcwzNxtA6vMF9uv072DUUqQJowGXggg2uQbellHniTh29b
2t3nV0I6I1bU1igJrWnZet0bJmvajRK4sFhwPRzupCM6RX8=
X-Google-Smtp-Source: AH8x226pe/Nm8g15JN7rD94W+PbEElc7dwDRchqOyYNJVmQJLbFHu1OpDEoK/nNdAXF0eieOw4z/aQdBdMryc6FdWz4=
X-Received: by 10.223.162.152 with SMTP id s24mr4019618wra.148.1519240571003;
Wed, 21 Feb 2018 11:16:11 -0800 (PST)
MIME-Version: 1.0
Received: by 10.223.152.242 with HTTP; Wed, 21 Feb 2018 11:15:30 -0800 (PST)
From: Warren Kumari <warren@kumari.net>
Date: Wed, 21 Feb 2018 14:15:30 -0500
Message-ID: <CAHw9_iLqEerV-So7704qu7A2mbD6YQbzdF8A3FEGtUPOE+6NWw@mail.gmail.com>
To: dnsop <dnsop@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Kg7AtDhFRNw31He8n0_bMr9hBuE>
Subject: [DNSOP] KSK-Sentinal: Once more down the naming rathole.
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>,
<mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>,
<mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Feb 2018 19:16:15 -0000
"There are 2 hard problems in computer science: cache invalidation, naming things, and off-by-1 errors." So, Petr pointed out that the draft says: Section 3: "Note that the <tag-index> is specified in the DNS label using hexadecimal notation." and my demo site (and example presentations) has been using decimal notation. Knot Resolver 2.1 already does the logic according to the draft (hex), but is what the WG wants? 1: RFC1034, Sec 5.3: The DS RR Presentation Format sayeth: " The Key Tag field MUST be represented as an unsigned decimal integer." 2: dig +multiline DNSKEY . shows keytags as decimal 3: The (authoritative?) IANA file (http://data.iana.org/root-anchors/root-anchors.xml) lists the keytags as decimal. What does the WG prefer? Is the new KSK called "20326" or it is "4f66"? Hex has the advantage that A: Knot already does this! B: it is shorter as a label. What would y'all like? W -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf
- [DNSOP] KSK-Sentinal: Once more down the naming r… Warren Kumari
- Re: [DNSOP] KSK-Sentinal: Once more down the nami… Paul Hoffman
- Re: [DNSOP] KSK-Sentinal: Once more down the nami… Bob Harold
- Re: [DNSOP] KSK-Sentinal: Once more down the nami… Joe Abley
- Re: [DNSOP] KSK-Sentinal: Once more down the nami… Wessels, Duane
- Re: [DNSOP] [Ext] Re: KSK-Sentinal: Once more dow… Edward Lewis
- Re: [DNSOP] [Ext] Re: KSK-Sentinal: Once more dow… Petr Špaček
- Re: [DNSOP] [Ext] Re: KSK-Sentinal: Once more dow… Ralph Dolmans
- Re: [DNSOP] [Ext] Re: KSK-Sentinal: Once more dow… Joe Abley
- Re: [DNSOP] [Ext] Re: KSK-Sentinal: Once more dow… Petr Špaček
- Re: [DNSOP] [Ext] Re: KSK-Sentinal: Once more dow… Matt Larson
- Re: [DNSOP] [Ext] Re: KSK-Sentinal: Once more dow… Joe Abley