Re: [DNSOP] [Gen-art] Genart last call review of draft-ietf-dnsop-kskroll-sentinel-15

Alissa Cooper <> Wed, 26 September 2018 23:12 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 96D31130DCF; Wed, 26 Sep 2018 16:12:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key) header.b=sJlTW0Uv; dkim=pass (2048-bit key) header.b=gLE3N8p2
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id X4-JRrGAHPBr; Wed, 26 Sep 2018 16:11:59 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 18F04130DC4; Wed, 26 Sep 2018 16:11:59 -0700 (PDT)
Received: from compute7.internal (compute7.nyi.internal []) by mailout.nyi.internal (Postfix) with ESMTP id 5F90421F21; Wed, 26 Sep 2018 19:11:58 -0400 (EDT)
Received: from mailfrontend1 ([]) by compute7.internal (MEProxy); Wed, 26 Sep 2018 19:11:58 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; h=cc :content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; bh=tAyPkAY3YflvkXYCIR1GKUa194DXTZ6/tACDr7j1hkw=; b=sJlTW0Uv lHbgBTfnwhhhqLZKmUIj1QMwgZIXQ8em1zMAmO0mzRQDCi5I1YUUkLy81X8oN+Ya ijtF3MA+2PN7xWjWi0oyUpgCoasIfdIpmylBO8bmeb9yuv5FFhclJDCgIOUDY20z YK+GU+QZchjcEemDZSdpOzi9j0Bgk/taObVgG3/MxLMMPptRzVwjNB0QkQLEdhm2 ZuesJ99QlYIMsTuEBvBnFSfW15nb1NwVtxN1a9i/olM/MkZZ83AJViBPsz/6h7dl s1e1gxqXuNN42vTYpcz4/4KkNo0JVqAT0853CKJcWdadznRAY6+Osu6d/1MjVJDZ lq6bWDFAxM+tRA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; bh=tAyPkAY3YflvkXYCIR1GKUa194DXT Z6/tACDr7j1hkw=; b=gLE3N8p2qj7/Wew6hiR3+XXyU1K1iS0EKE+SboNLyX9mQ t8inlrp0t0cCi5Jsm19ZjrhjNjFVkBUliv8HMgVoxuLUgeW5MZ1DrPehZOJxiQNz H9KjgSH643xZXCKE3YfulKMLO0zxTJLe0Yr4RbcXKJU/LbYaZmH62Jfhgb3k8AlL Y4sxpiO7dxpku1N9EQSEaB8/Gl+L8K1hjfkVrkQCdjtrLITBDqbpVCJJwjXdkC1C E9Q/+IpvqKH6Tuy6uJf8l8ScazgOJYb9d4PHVW4jEdWp3SCRV7RRwYxbMDkyiLrU Q0qRMonM759kd24qP63iJmm06YUgMqUCQ7m9Vwy7w==
X-ME-Proxy: <xmx:PRKsW7tnIALPbuou6rsT-UU6rrhVt1amDh_PDXPu98w-vfXRkEXfLA> <xmx:PRKsW9yFqmtEALr09PeZFyl4XYrOmuxZHAviYpWKnqjzAcCF-K49wA> <xmx:PRKsWxPu2Aibkaf6cAekYzytt3mIUOjQyEvN3eSAEhFWQkUlQwobvw> <xmx:PRKsW_2vg-be46wDqUb26yaIbwD--aDWpOQ5DIeCCmoNRW_eNn9cvA> <xmx:PRKsW5FNR4thIQpRpFRwIFmGyCVROjAx5G0WQYV1Vv4le-81UiKZAg> <xmx:PhKsW_PvFatOeIrXQ7tLa1lJU29b-_wsS4RniaY5kD2weuLLlR9ckw>
X-ME-Sender: <xms:PRKsW7Jcprm-jQPzIHNQ0LQatieauCOcvwo28vYzsqnqr8r6K-XBuw>
Received: from [] (unknown []) by (Postfix) with ESMTPA id 1DEFBE40A2; Wed, 26 Sep 2018 19:11:57 -0400 (EDT)
From: Alissa Cooper <>
Message-Id: <>
Content-Type: multipart/alternative; boundary="Apple-Mail=_D6705D80-E3FF-4033-A279-E1BDF3665E57"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
Date: Wed, 26 Sep 2018 16:11:55 -0700
In-Reply-To: <>
Cc: Geoff Huston <>,,, General Area Review Team <>
To: Jari Arkko <>
References: <> <> <>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <>
Subject: Re: [DNSOP] [Gen-art] Genart last call review of draft-ietf-dnsop-kskroll-sentinel-15
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 26 Sep 2018 23:12:02 -0000

Jari, thank you for your review. Geoff, thanks for your responses. I have entered a No Objection ballot.


> On Aug 30, 2018, at 10:10 PM, Jari Arkko <>; wrote:
> Thanks for the responses, Geoff. 
> One minor follow-up:
>> The final point I am not so convinced about. The reason is scope of the document. This document is an instruction to folk who write DNS recursive resolvers. It is not an instruction to folk who want to set up zones that could be used to test KSK trust status. I would rather avoid adding text about the latter topic in this document, as I strongly prefer to leave it to others who may be sufficiently motivated to write a document about how to set up a measurement zone.
> Oh, I do agree with this. However, as a reader I wasn’t sure if the document expects that there be an existing name (with the special labels) or none is needed. Does all this work fine, even if I don’t add anything to the sites being used in the test? That might be worth clarifying, if it isn’t somewhere already.
> Jari
> _______________________________________________
> Gen-art mailing list