IETF Logo Mail Archive

Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-security-considerations-13.txt

Warren Kumari <warren@kumari.net> Fri, 20 July 2018 14:41 UTC

Return-Path: <warren@kumari.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2D2C2130EB4 for <dnsop@ietfa.amsl.com>; Fri, 20 Jul 2018 07:41:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Koah0JhXdy6V for <dnsop@ietfa.amsl.com>; Fri, 20 Jul 2018 07:41:42 -0700 (PDT)
Received: from mail-wr1-x434.google.com (mail-wr1-x434.google.com [IPv6:2a00:1450:4864:20::434]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2712F1310AB for <dnsop@ietf.org>; Fri, 20 Jul 2018 07:41:42 -0700 (PDT)
Received: by mail-wr1-x434.google.com with SMTP id c13-v6so11573346wrt.1 for <dnsop@ietf.org>; Fri, 20 Jul 2018 07:41:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=VuNL7d027Qj55KXbbS863jz+d2lYB6bnvAA34nwHCek=; b=t6HCmhwXbzqmQ80qXwQcTwfATFGjEgHHa4r6F5qNShSdEeaUik3Lb4c5iac4gRr98P hA2qMQWxsDMC9pICGcMwHJGq2q3C7yNLN1CEK0Jy7+dCxiIlXDak2EflXGy0MldHV/xB fd83uDcrJGLUjw+V3cLpsDVpEsWY1/Hx5YYM18hzBN5pUDlxBwf4hcmPmfNzeXqpACsV 1eYO93bD+4IvBOKQWFt9tQRYhh+oQRGy7qeiEQf5VkTi+vM7VIz4J4JOW33dV+jBsqqp 8WCcMYSF3Lx+1qATW/8tRT2aV2bZdLYWlBBEMVqr6VEJ/ZPYfWJzoZACa39tLRURk56+ 4lmw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=VuNL7d027Qj55KXbbS863jz+d2lYB6bnvAA34nwHCek=; b=ntu7JaKCwhTzoXa5kAP1wdohoj1wNxhtedsykusdVkrExkoJf3folarct0Uzt6YAev MvRB8POG6ECxHxNw3zOYFE5SD5ER8IRl68BzVkSI0czpBvBIKsva1lOrL9hIKTum1oM+ l04naiC6Xi4bdWbj9mNTBMKz0eb6UGLSbYBjnIaZC2Yg9Fc2DLyYzbgo5ysIAAMhKmGq 1oxq1DcfrkGj1Bi/zhF6xhbHEhphsOsKFiNxW/oAZlz/jF6gYzv4GQnazwwqAoxKXdoZ kzdVXBNRq7nP4Oax3O1+OpnN9pAlTyaVmw9KrejLc7Ay+D86k/U6ulRWUUJGWmy2Lt8o hwUA==
X-Gm-Message-State: AOUpUlGcW6SVU7pyPNpwJrk3sUhrQiLgmXfI3x/xpFrEE1aZRX5hjDBI b0SLewuJpUAjPh8VzAWrKuB2lJmJFTRm2yEFAiS8rBzulgggRA==
X-Google-Smtp-Source: AAOMgpfCfNUGFkVeShOXxvivfeKyLyr1NYLyJ11QjYXr6W7FoYYxCZbs6PEqQlQMY9GTZSZ6RPm7p5sM/XGLiqCSvOE=
X-Received: by 2002:adf:ba12:: with SMTP id o18-v6mr1790702wrg.249.1532097700460; Fri, 20 Jul 2018 07:41:40 -0700 (PDT)
MIME-Version: 1.0
References: <153174539326.23149.7392295208412679544@ietfa.amsl.com> <CAN6NTqy=ETR5nDWSdz1hL+MKSCtVoZLcZ3_hYqa4U6So_=LMQQ@mail.gmail.com> <CAHw9_iJ4CR1kT7Weps0E8=XQ05rfY6ZLSs9uw=TxxTmS8Q3LHw@mail.gmail.com> <CAHw9_iJpmmYXosTjMn=euEd7qsc6k-9D950hjtHztz1axZSukA@mail.gmail.com> <23377.23042.980210.802345@gro.dd.org>
In-Reply-To: <23377.23042.980210.802345@gro.dd.org>
From: Warren Kumari <warren@kumari.net>
Date: Fri, 20 Jul 2018 10:41:04 -0400
Message-ID: <CAHw9_iKZgQQGD2bP-558a6R7ysQPPtu5_RB=U8=ruUYZfWUE1Q@mail.gmail.com>
To: Dave Lawrence <tale@dd.org>
Cc: dnsop <dnsop@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Qjqa_ZHEJ-9jdrl7G3y7SltO9Jc>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-security-considerations-13.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Jul 2018 14:41:46 -0000

[ Top-post ]

Thank you to Ólafur and Dave for their comments -- I know that the
discussion on the draft has been long and the draft is filled with
minutia, but we'd dearly love more feedback, positive or negative.

W


On Thu, Jul 19, 2018 at 11:42 PM Dave Lawrence <tale@dd.org> wrote:
>
> Warren Kumari writes:
> > On Wed, Jul 18, 2018 at 9:36 AM Warren Kumari <warren@kumari.net> wrote:
> > >
> > > The authors are more than happy to change the name to that...
> > .... but we would really really appreciate more comments / review.
>
> I support publication as-is, existing title and all.  It is a valuable
> document about the operational considerations for which DNSSEC signers
> really need better guidance.  I do not think the title needs changing,
> as it clearly says it is targeted at the publishing side.
>
> The "publication considered harmful" claim needs explanation as to the
> harms that would be caused.
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf

v2.23.0 | Report a Bug | By Email