Re: [DNSOP] Comments on DS Publication draft

"Stephan Lagerholm" <stephan.lagerholm@secure64.com> Thu, 11 November 2010 22:41 UTC

Date: Thu, 11 Nov 2010 15:32:24 -0700
From: Stephan Lagerholm <stephan.lagerholm@secure64.com>
To: George Barwood <george.barwood@blueyonder.co.uk>, Rickard Bellgrim <rickard.bellgrim@iis.se>, dnsop@ietf.org
Subject: Re: [DNSOP] Comments on DS Publication draft

> -----Original Message-----
> From: dnsop-bounces@ietf.org [mailto:dnsop-bounces@ietf.org] On Behalf Of George Barwood
> Sent: Thursday, November 11, 2010 4:15 PM
> To: Rickard Bellgrim; dnsop@ietf.org
> Subject: Re: [DNSOP] Comments on DS Publication draft
> 
> 
> ----- Original Message -----
> From: "Rickard Bellgrim" <rickard.bellgrim@iis.se>
> To: <dnsop@ietf.org>
> Sent: Wednesday, November 10, 2010 3:53 PM
> Subject: [DNSOP] Comments on DS Publication draft
> 
> 
> > Hi
> >
> > I have some comments on the document draft-barwood-dnsop-ds-publish-01:
> >
> > 1. Introduction (3rd paragraph)
> > It is not always the case that the child is the one defining the DS
> > RRset. Some parents want (for some reason) to create the DS RRset
> > based on their own policy (choice of hash) and based on what DNSKEY
> > RR the child sends in.
> 
> I'll take your word for this, but this practice seems a "very bad
> idea" to me.
.GOV currently creates their own DS from the DNSKEY the "customer"
uploads to the web GUI. There is no way to create the DS yourself. I
agree that this is bad practice but I think we need to take this into
account.

/S
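
Added example, not part of the original message or the draft: how a parent derives a DS from an uploaded DNSKEY under its own choice of hash, as discussed above, and how a child can check the DS the parent published against its own key. It follows the DS digest and key tag definitions in RFC 4034; the sample key and the function names (`make_ds`, `ds_matches`) are constructed for illustration.

```python
import hashlib
import struct

# Digest type numbers from the IANA DS registry: 1 = SHA-1, 2 = SHA-256, 4 = SHA-384.
DIGESTS = {1: hashlib.sha1, 2: hashlib.sha256, 4: hashlib.sha384}

def owner_wire(name):
    """Canonical wire form of an owner name: lowercased, length-prefixed labels."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def dnskey_rdata(flags, protocol, algorithm, public_key):
    """DNSKEY RDATA: flags (2 bytes), protocol (1), algorithm (1), then the key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + public_key

def key_tag(rdata):
    """Key tag checksum from RFC 4034 Appendix B (not valid for algorithm 1)."""
    acc = sum(b if i & 1 else b << 8 for i, b in enumerate(rdata))
    return (acc + ((acc >> 16) & 0xFFFF)) & 0xFFFF

def make_ds(owner, flags, protocol, algorithm, public_key, digest_type):
    """Return (key tag, algorithm, digest type, hex digest) for one DNSKEY."""
    if digest_type not in DIGESTS:
        raise ValueError("unsupported digest type %d" % digest_type)
    rdata = dnskey_rdata(flags, protocol, algorithm, public_key)
    # The digest covers the owner name followed by the DNSKEY RDATA.
    digest = DIGESTS[digest_type](owner_wire(owner) + rdata).hexdigest().upper()
    return key_tag(rdata), algorithm, digest_type, digest

def ds_matches(ds, owner, flags, protocol, algorithm, public_key):
    """True if a published DS tuple is the one this DNSKEY produces."""
    try:
        expected = make_ds(owner, flags, protocol, algorithm, public_key, ds[2])
    except ValueError:
        return False  # unknown digest type: cannot be verified here
    return (ds[0], ds[1], ds[2], ds[3].upper()) == expected

# Constructed sample key (not a real key): KSK flags 257, protocol 3, algorithm 8.
SAMPLE = ("Example.GOV.", 257, 3, 8, bytes([1, 2, 3, 4]))

if __name__ == "__main__":
    # The same DNSKEY yields a different DS per digest type the parent picks.
    for dt in (1, 2):
        tag, alg, dtype, digest = make_ds(*SAMPLE, dt)
        print("example.gov. IN DS %d %d %d %s" % (tag, alg, dtype, digest))
```

The key tag and algorithm are the same whichever digest type the parent chooses, so a child comparing the published DS with its key has to recompute the digest for the type the parent actually used.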