Re: [DNSOP] Fwd: New Version Notification for draft-mekking-dnsop-auto-cpsync-00

"Stephan Lagerholm" <stephan.lagerholm@secure64.com> Tue, 29 June 2010 14:32 UTC

Date: Tue, 29 Jun 2010 08:32:07 -0600
From: Stephan Lagerholm <stephan.lagerholm@secure64.com>
To: Matthijs Mekking <matthijs@NLnetLabs.nl>, dnsop@ietf.org
Subject: Re: [DNSOP] Fwd: New Version Notification for draft-mekking-dnsop-auto-cpsync-00

Hi Matthijs,

I like this draft but I'm a little bit concerned about the scalability.
How will a busy parent provision a unique secret key for each of the
children? And how will this key be transported between the parent and the
child in a secure way?

Thanks, Stephan
----------------------------------------------------------------------
Stephan Lagerholm
Senior DNS Architect, M.Sc., CISSP
Secure64 Software Corporation, www.secure64.com
Cell: 469-834-3940
> -----Original Message-----
> From: dnsop-bounces@ietf.org [mailto:dnsop-bounces@ietf.org] On Behalf Of Matthijs Mekking
> Sent: Tuesday, June 29, 2010 9:09 AM
> To: dnsop@ietf.org
> Subject: Re: [DNSOP] Fwd: New Version Notification for draft-mekking-dnsop-auto-cpsync-00
> 
> And here's the link:
> 
> http://www.ietf.org/id/draft-mekking-dnsop-auto-cpsync-00.txt
> 
> On 06/29/2010 03:19 PM, Matthijs Mekking wrote:
> > FYI,
> >
> > I have submitted this draft on the topic of automatic update of DS (and
> > other records).
> >
> > Best regards,
> >
> > Matthijs Mekking
> > NLnet Labs
> >
> > -------- Original Message --------
> > Subject: New Version Notification for draft-mekking-dnsop-auto-cpsync-00
> > Date: Tue, 29 Jun 2010 06:12:35 -0700 (PDT)
> > From: IETF I-D Submission Tool <idsubmission@ietf.org>
> > To: matthijs@nlnetlabs.nl
> >
> >
> > A new version of I-D, draft-mekking-dnsop-auto-cpsync-00.txt has been
> > successfully submitted by Matthijs Mekking and posted to the IETF
> > repository.
> >
> > Filename:        draft-mekking-dnsop-auto-cpsync
> > Revision:        00
> > Title:           Automated (DNSSEC) Child Parent Synchronization using DNS UPDATE
> > Creation_date:   2010-06-29
> > WG ID:           Independent Submission
> > Number_of_pages: 6
> >
> > Abstract:
> > This document proposes a way to synchronise existing trust anchors
> > automatically between a child zone and its parent.  The algorithm can
> > be used for other Resource Records that are required to delegate from
> > a parent to a child such as NS and glue records.
> >
> > The IETF Secretariat.
> >
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop