Re: [DNSOP] [homenet] Fwd: WGLC on "redact" and "homenet-dot"

George Michaelson <ggm@algebras.org> Thu, 15 December 2016 01:16 UTC

From: George Michaelson <ggm@algebras.org>
Date: Thu, 15 Dec 2016 11:16:48 +1000
Message-ID: <CAKr6gn2qY4DNe+XJUD1UawibxQkW_ZWdiftFx6J4w-0aFWALBA@mail.gmail.com>
To: John R Levine <johnl@taugh.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/NJg-YjbEAkBNzGRZHWSYDwtIoZI>
Cc: dnsop WG <dnsop@ietf.org>, Ted Lemon <mellon@fugue.com>
Subject: Re: [DNSOP] [homenet] Fwd: WGLC on "redact" and "homenet-dot"

Two conversations in one thread is confusing.

There is a part which is about the name as a label: in the root? Not
in the root? Under .arpa? Which process? Why? That's mired. I'm trying
not to re-ignite flames having covered myself in petrol some time ago.

There is a part which is 'can we do DNSSEC better' about protocol and
encoding and technology. This part interests me more right now,
because it feels tractable: we're asking questions about how DNSSEC
works, and corner-cases. It feels like we're exploring the need for
something which isn't NSEC or NSEC3 but is a public signed repudiation
of things declaring them as not being in the DNS. Which is kind-of
cool because it solves one of the other (6761) questions about how to
say 'not in the DNS' if we do it right.

The problem is we want it to work with prior code. I'm struggling to
understand how that works without a time machine.

-G

On Thu, Dec 15, 2016 at 10:48 AM, John R Levine <johnl@taugh.com> wrote:
>>> But it's worse than that -- if your client software does DNSSEC
>>> validation it needs to understand that homenet is a special case and
>>> it's OK not to validate.
>>> [etc]
>>
>>
>> That is precisely why we need an unsecured delegation.
>
>
> Except that as the [etc] said, it doesn't really solve the problem.
>
> Regards,
> John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
> Please consider the environment before reading this e-mail. https://jl.ly