Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-tcp-requirements-10.txt

"Wessels, Duane" <dwessels@verisign.com> Tue, 08 June 2021 23:25 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/UfkJrQbfk4LEvRSaBrkMoPqj3Hc>

Dear DNSOP,

John and I have made a number of changes since the start of Working Group Last Call, thanks to your good feedback.  Here's a summary of the noteworthy changes since -06:

- The abstract emphasizes this document speaks to operational requirements, in alignment with previously documented implementation requirements.

- Noted that this document updates RFC 1123

- Background section has been renamed to History of DNS over TCP

- Updated and clarified text on connection termination

- An earlier version mistakenly assumed that OpenBSD had the TCP "accept filter" feature

- EDNS(0) everywhere, instead of just EDNS

- Have added a few new or missing references to BIND, ECDSA, flag day 2020, and the KSK rollover list archives.

- Numerous updates to RFC references, including newly published RFCs and cases where some RFCs have new revisions published.  Also a number of RFC references were moved to the Normative section.

- Numerous other grammatical and typographical fixes

DW




> On Jun 8, 2021, at 4:10 PM, internet-drafts@ietf.org wrote:
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Domain Name System Operations WG of the IETF.
> 
>        Title           : DNS Transport over TCP - Operational Requirements
>        Authors         : John Kristoff
>                          Duane Wessels
>        Filename        : draft-ietf-dnsop-dns-tcp-requirements-10.txt
>        Pages           : 29
>        Date            : 2021-06-08
> 
> Abstract:
>   This document updates [RFC1123].  This document strongly encourages
>   the operational practice of permitting DNS messages to be carried
>   over TCP on the Internet as a best current practice.  Such
>   encouragement is aligned with the implementation requirements in RFC
>   7766.  The use of TCP includes both DNS over unencrypted TCP, as well
>   as over an encrypted TLS session.  The document also considers the
>   consequences with this form of DNS communication and the potential
>   operational issues that can arise when this best current practice is
>   not upheld.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-dnsop-dns-tcp-requirements/
> 
> There is also an htmlized version available at:
> https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-dns-tcp-requirements-10
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-dns-tcp-requirements-10
> 
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/