[DNSOP] Re: [Ext] Genart last call review of draft-ietf-dnsop-rfc7958bis-03
Paul Hoffman <paul.hoffman@icann.org> Fri, 02 August 2024 23:52 UTC
From: Paul Hoffman <paul.hoffman@icann.org>
To: Dan Romascanu <dromasca@gmail.com>
CC: "gen-art@ietf.org" <gen-art@ietf.org>, "dnsop@ietf.org WG" <dnsop@ietf.org>, "draft-ietf-dnsop-rfc7958bis.all@ietf.org" <draft-ietf-dnsop-rfc7958bis.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/R42y_5IaBiJ4YRCqTI5hg-lgaGg>

Thanks for your review.

On Aug 2, 2024, at 07:06, Dan Romascanu via Datatracker <noreply@ietf.org> wrote:

> Summary:
>
> The document is clear and detailed in all its technical aspects. I have two
> issues that I would suggest to be addressed before approval. If they are
> already addressed indirectly I would be glad to be pointed to the text. I
> categorized them as Minor, as they probably do not impact interoperability
> within the same version of the mechanism.
>
> Major issues:
>
> Minor issues:
>
> 1. Section 1.2 includes a detailed list of changes from RFC 7985 which is fine.
> What I am missing, however, is a clear description of the motivation that led
> to the update. Was that to include the content of the Errata? Was it because of
> operational or security problems in the deployment? Something else.

The initial motivations were a significant errata, and also requests for two new features (the PublicKey entity and XML comments).

> 2. Is there a requirement for backwards interoperability with the format and
> publication mechanisms described in RFC 7958.

Somewhat. DNS has a backwards-compatibility problem as strong as most other parts of the Internet protocols. The assumption in this version is that a relying party who is reading the trust anchor file is using a normal XML processor (so it won't barf on XML comments) and that the processor can handle new entities if given a new RELAX NG schema.

> If yes, how is this ensured?

It cannot be. If software that retrieves a file with the extended format fails, it will not have any trust anchors. This would hopefully be noticed by the operator.

> In
> any case, what is IANA instructed to do with the old records?

There are no such instructions. There is only one URL in the RFC and draft, for the current trust anchor file.

> Nits/editorial comments:
>
> Section 1.2 mentions 'Added an IANA Considerations section' as a change from
> RFC 7598. Actually there is an IANA Considerations section in RFC 7598. So
> probably what was meant was probably 'Updated the RFC Considerations Section'.

Good catch; fixed.

--Paul Hoffman
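
An illustration of the reading behaviour the reply above assumes, added here as an example and not part of the message or of the draft: a relying party that parses the trust anchor file with an ordinary XML processor, tolerates comments and elements it does not know, and raises an error rather than silently continuing with no trust anchors. The element names follow the RFC 7958 layout; `parse_trust_anchors`, `NoTrustAnchors`, `FutureElement` and every value in the sample are constructed for the example.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the extended format: a comment, a PublicKey element
# and an element this reader has never heard of. All values are made up.
SAMPLE = """<?xml version="1.0" encoding="UTF-8"?>
<TrustAnchor id="EXAMPLE-ID" source="https://example.invalid/root-anchors.xml">
  <!-- an XML comment, allowed by the updated format -->
  <Zone>.</Zone>
  <KeyDigest id="K1" validFrom="2020-01-01T00:00:00+00:00">
    <KeyTag>12345</KeyTag>
    <Algorithm>8</Algorithm>
    <DigestType>2</DigestType>
    <Digest>""" + "AB" * 32 + """</Digest>
    <PublicKey>Q09OU1RSVUNURUQ=</PublicKey>
    <FutureElement>ignored by this reader</FutureElement>
  </KeyDigest>
</TrustAnchor>
"""

REQUIRED = ("KeyTag", "Algorithm", "DigestType", "Digest")

class NoTrustAnchors(Exception):
    """Raised so the operator is alerted instead of running with no anchors."""

def parse_trust_anchors(xml_text):
    try:
        root = ET.fromstring(xml_text)  # comments are dropped by the parser
    except ET.ParseError as exc:
        raise NoTrustAnchors(f"file is not well-formed XML: {exc}") from exc
    if root.tag != "TrustAnchor":
        raise NoTrustAnchors(f"unexpected root element {root.tag!r}")
    anchors = []
    for kd in root.findall("KeyDigest"):
        # Look up only the children we need; unknown siblings are ignored.
        fields = {name: kd.findtext(name) for name in REQUIRED}
        try:
            anchors.append({
                "key_tag": int(fields["KeyTag"]),
                "algorithm": int(fields["Algorithm"]),
                "digest_type": int(fields["DigestType"]),
                "digest": fields["Digest"].strip().upper(),
                "public_key": kd.findtext("PublicKey"),  # optional element
                "valid_from": kd.get("validFrom"),
                "valid_until": kd.get("validUntil"),
            })
        except (TypeError, ValueError, AttributeError):
            continue  # incomplete or malformed entry: skip it, keep the rest
    if not anchors:
        raise NoTrustAnchors("no usable KeyDigest elements found")
    return anchors
```
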