Re: [DNSOP] Benjamin Kaduk's No Objection on draft-ietf-dnsop-attrleaf-fix-04: (with COMMENT)

Dave Crocker <dhc@dcrocker.net> Wed, 10 October 2018 21:27 UTC

Return-Path: <dhc@dcrocker.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C682128CE4; Wed, 10 Oct 2018 14:27:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.491
X-Spam-Level:
X-Spam-Status: No, score=-2.491 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=dcrocker.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LEzMotKMCADC; Wed, 10 Oct 2018 14:27:40 -0700 (PDT)
Received: from simon.songbird.com (simon.songbird.com [72.52.113.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5E99F128CB7; Wed, 10 Oct 2018 14:27:40 -0700 (PDT)
Received: from [172.16.20.49] ([64.80.128.22]) (authenticated bits=0) by simon.songbird.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id w9ALS1ik015441 (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 10 Oct 2018 14:28:03 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=dcrocker.net; s=default; t=1539206885; bh=D6sXedhzEY5+7DSBm0qzxCddgfvfxCp9nodHNPcrefM=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=ijmTVtQl5pKRc81Mp2EZ7iOyWEpXqmoI8vWzVY2GzG6gxQozPhtQ3KsIPqmqy2m8r GiDOZfu/2jQ942jxN21acMSrUKrqE25fUN8XgVpNnaHsmEj9wSvOAnB1F6UXZOfJt0 H4gMY/V1jPxe+Rrv8T8j/mg6Ke5ED1mHd8Ssb88o=
To: Benjamin Kaduk <kaduk@mit.edu>, The IESG <iesg@ietf.org>
Cc: benno@NLnetLabs.nl, dnsop@ietf.org, dnsop-chairs@ietf.org, draft-ietf-dnsop-attrleaf-fix@ietf.org
References: <153919497179.5775.16926445188048004527.idtracker@ietfa.amsl.com>
From: Dave Crocker <dhc@dcrocker.net>
Message-ID: <86da0edf-fbc2-1235-85f5-28a9d89ae9dc@dcrocker.net>
Date: Wed, 10 Oct 2018 17:27:44 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1
MIME-Version: 1.0
In-Reply-To: <153919497179.5775.16926445188048004527.idtracker@ietfa.amsl.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Mjnzuqy2oRRvB_hprfwiGTOJL7E>
Subject: Re: [DNSOP] Benjamin Kaduk's No Objection on draft-ietf-dnsop-attrleaf-fix-04: (with COMMENT)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Oct 2018 21:27:42 -0000

On 10/10/2018 2:09 PM, Benjamin Kaduk wrote:
> One other comment, in  Section 3.1:
> 
> Why is the new text only placing a "SHOULD be registered" requirement, as
> opposed to MUST?


It permits use-before-registration, which avoids registration as a 
barrier to adoption.

There is essentially no real risk incurred by this, noting that the 
semantics of SHOULD translates into "you really must do this, unless you 
are very knowledgeable and careful about why you aren't doing it right now.)


d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net