Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-for-free
George Michaelson <ggm@algebras.org> Wed, 23 March 2016 22:33 UTC
Return-Path: <ggm@algebras.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2054512D9FA for <dnsop@ietfa.amsl.com>; Wed, 23 Mar 2016 15:33:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=algebras-org.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C36LqRcKgObD for <dnsop@ietfa.amsl.com>; Wed, 23 Mar 2016 15:33:29 -0700 (PDT)
Received: from mail-ob0-x236.google.com (mail-ob0-x236.google.com [IPv6:2607:f8b0:4003:c01::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3326A12D9F8 for <dnsop@ietf.org>; Wed, 23 Mar 2016 15:33:28 -0700 (PDT)
Received: by mail-ob0-x236.google.com with SMTP id m7so24275848obh.3 for <dnsop@ietf.org>; Wed, 23 Mar 2016 15:33:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=algebras-org.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc; bh=JVgJgq0eFj8zk96uqXYYidSOg1nA1pX3dfMF2u0Z7vI=; b=Geaym8t621OFna0s6Ye8D/3YA4UTe9q0XIN7kSoC58++33tT3jnyXeUMGEL3afadiy sRQVqNb7zlMUB1xBIR4VcLDrqU3oTCttuyWpRiyRYUPjTdFeGKsgZWt1Vtd5FOTnhRA4 x+u7HhJXWLfyWQIuXtuGyUounhzb+qzk4y6wfqE+tQdFvouE8Vukm5XLmLHGZMNbHGCp 4BsS9ppYr3vhHiHaCeSCtaglzH17B0cabR2O3qls5fFwIUxRjAwE1laODPW+M25R45Pe Txom1JYq97Muj1gQyO71OBQPVaiGiJ/WW97qqP7FK3Ne6xwbaFRBc+7/YajcVwr8xixm WPfA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc; bh=JVgJgq0eFj8zk96uqXYYidSOg1nA1pX3dfMF2u0Z7vI=; b=RD3Kd/IgbEqTLMRA0dTcB9G/ilJCHUhUtlYO2bpjHTU13F9ibF5ivTJwEofH8T6pjC OVeELqhKQU0nBK33Vev0P054ARC9zajdOl+9ulyXseY+4RB8JVGW/gZe2+N7HZARHfEu Gy15X+ttoPTg+EdYMbn+xWmMTWULj1UtpcTMVATA+xjB3HMLjcFEaegYCm5CR+qz/5z6 by/UAkeJPgqtLHz+b1tGrnVnADmw4VnCcnj/C22cNiflMvCsE8arfDhBBIR8Xr0m2qsc d7iksyRXYbjIW5VmTFg4nJlzgLppLcBCCkkbXPb5O6rdfDCm4751zpxOPygSG2sA9OT3 PEmA==
X-Gm-Message-State: AD7BkJJCmeqMnk9vQ6DApbYfLSrsgvLrD9QwlINoqqzZ63ctk/Tj389Nak3IxfHM6o0AU7Xm6jFY8YAWMoB3LA==
MIME-Version: 1.0
X-Received: by 10.182.153.10 with SMTP id vc10mr2877880obb.10.1458772408418; Wed, 23 Mar 2016 15:33:28 -0700 (PDT)
Received: by 10.182.187.97 with HTTP; Wed, 23 Mar 2016 15:33:28 -0700 (PDT)
X-Originating-IP: [2001:dc0:a000:4:4c5c:4ce6:b1ce:618e]
In-Reply-To: <56F3064C.90506@redhat.com>
References: <CAC=TB13r_7TPEcUeZqH6sxqKXHRn7TgFwLwdqjBxa57aqS1MZg@mail.gmail.com> <20160323130755.GA798@mx2.yitter.info> <CAC=TB10whpfc15pW-USiy3=4AC1rM-EWg72M4bzHN3CyDhWDTw@mail.gmail.com> <20160323200310.GI1450@mx2.yitter.info> <56F3064C.90506@redhat.com>
Date: Thu, 24 Mar 2016 08:33:28 +1000
Message-ID: <CAKr6gn25trZSVc9b1mUPOwJiqfThJmQM75CpMh8ORy_sOXAgsw@mail.gmail.com>
From: George Michaelson <ggm@algebras.org>
To: Florian Weimer <fweimer@redhat.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/KgqCGH5KX7QdMrm2uynPNL30f6E>
Cc: dnsop WG <dnsop@ietf.org>
Subject: Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-for-free
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Mar 2016 22:33:34 -0000
On Thu, Mar 24, 2016 at 7:10 AM, Florian Weimer <fweimer@redhat.com> wrote: > DO was used initially for SIG and kept for RRSIG. For an early DNSSEC > implementation, RRSIG was just another unsolicited RR type because it > could only know about SIG. This suggests (to me at least) that > practically speaking, DO isn't strongly tied to DNSSEC. > > Florian Very strong +1. The % of incoming query with DO set is far, far higher than the % of incoming query seen at authority who subsequently ask for DS/DNSKEY at zone and parent. There is a good, strong indication that resolvers pass DO as a compile/run flag of capability to handle additional records in response, not as an indication of intent to perform any function using them. (this is with fresh unseen domains, where there is no opportunistic cache of the DNSKEY or DS, so the absence of a fetch of them is a very good indicator there was no intent to try and use the RRSIG sent back as a result of DO being sent in query) -G
- [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-for-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Mark Andrews
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Wouters
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Vixie
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Wouters
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Mark Andrews
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Mark Andrews
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Wouters
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Vixie
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… George Michaelson
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Vixie
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… George Michaelson
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Vixie
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Tony Finch
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Bob Harold
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Shumon Huque
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Mark Andrews
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Shane Kerr
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Mark Andrews
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Tony Finch
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Andrew Sullivan
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Andrew Sullivan
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Tony Finch
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Philip Homburg
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Ólafur Guðmundsson
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Joao Damas
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Florian Weimer
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Florian Weimer
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Andrew Sullivan
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Florian Weimer
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Darcy Kevin (FCA)
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Paul Wouters
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… George Michaelson
- [DNSOP] Stub resolvers and A+AAAA (was Introducin… Shane Kerr
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Andrew Sullivan
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… John Levine
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Marek Vavruša
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Ólafur Guðmundsson
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… John Levine
- Re: [DNSOP] Introducing draft-vavrusa-dnsop-aaaa-… Andrew Sullivan