IETF Logo Mail Archive

Re: [DNSOP] Call for Adoption draft-wkumari-dnsop-root-loopback

Bob Harold <rharolde@umich.edu> Thu, 20 November 2014 18:20 UTC

Return-Path: <rharolde@umich.edu>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BC3871A1BD1 for <dnsop@ietfa.amsl.com>; Thu, 20 Nov 2014 10:20:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G__1uwQzjr0X for <dnsop@ietfa.amsl.com>; Thu, 20 Nov 2014 10:20:22 -0800 (PST)
Received: from mail-oi0-f49.google.com (mail-oi0-f49.google.com [209.85.218.49]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0583A1A1AA7 for <dnsop@ietf.org>; Thu, 20 Nov 2014 10:20:07 -0800 (PST)
Received: by mail-oi0-f49.google.com with SMTP id i138so2401922oig.22 for <dnsop@ietf.org>; Thu, 20 Nov 2014 10:20:07 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=WIiyiX5fiTWqbl3mr9uDMalJXuLYXTPnNPt6sGUdhjQ=; b=NixCDCpw0ZtQIXM/3JmpGrRoO+mHkTgmt03crF3S/B4A9QgIo6+DMUSIV4aeqAgaLr qM5N4a0jd96SZGAKsdJ94vzmFypemPPhKGt6N0YrJBuFTWwARV/u8I9l3/uWcMdjhk0V XQ1HQ1Lxbi7gjrGeQIV4QjuJz7E9Uo+a90utVOGwr2hxBFPiJjlCC8LiQlpARf5HhlV3 CTqUD31eLOUxGIQvC5t5a/dylUEUcOYjWorAjljMB+ySlSo3n1vFLv43fpvctzcsropp zUA3/BAFebXsJYsgDsljWRY9iqkHoM1RqEie5smxi+8z2NmaS2jUhuOpDYR5V3qLDmvX rh8g==
X-Gm-Message-State: ALoCoQkJeUan6yAMVRf1QyWMtyxrDNZrwiCf3tApqZ54RZty2nS0S3TvdTAaxBqnT2tAAzeQAy0e
MIME-Version: 1.0
X-Received: by 10.182.122.139 with SMTP id ls11mr18434712obb.6.1416507607234; Thu, 20 Nov 2014 10:20:07 -0800 (PST)
Received: by 10.76.133.130 with HTTP; Thu, 20 Nov 2014 10:20:07 -0800 (PST)
In-Reply-To: <DCE8D121-A9D7-40A6-9567-39DF6811A50F@vpnc.org>
References: <54691B0A.6060508@gmail.com> <54692F7A.6030803@dougbarton.us> <20141117071250.GA55492@isc.org> <546A73B6.2060005@dougbarton.us> <20141117225045.GA35924@isc.org> <546A873F.8060402@dougbarton.us> <546E2287.7080909@dougbarton.us> <DCE8D121-A9D7-40A6-9567-39DF6811A50F@vpnc.org>
Date: Thu, 20 Nov 2014 13:20:07 -0500
Message-ID: <CA+nkc8A2nnMWfOt=8w0waG0BDpR=qRBjB098fzDaU31Cv4fJ5Q@mail.gmail.com>
From: Bob Harold <rharolde@umich.edu>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: multipart/alternative; boundary="001a1134af4cc0488605084e6037"
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/W-36MHbHgNLqkdtlckOd4bvcDE4
Cc: IETF DNSOP WG <dnsop@ietf.org>
Subject: Re: [DNSOP] Call for Adoption draft-wkumari-dnsop-root-loopback
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Nov 2014 18:20:28 -0000

I can see where "validate on zone transfer" would be a feature request.
And "validate everything" similarly.

For the draft, could a small paragraph be added explaining the difference
between using a separate view for the root zone and just loading it in the
same view, so that people like me realize the tradeoffs before we decide to
implement the draft with what we might think is a minor simplification, not
realizing the impact?



-- 
Bob Harold
hostmaster, UMnet, ITcom
Information and Technology Services (ITS)
rharolde@umich.edu
734-647-6524 desk

On Thu, Nov 20, 2014 at 12:34 PM, Paul Hoffman <paul.hoffman@vpnc.org>
wrote:

> On Nov 20, 2014, at 9:19 AM, Doug Barton <dougb@dougbarton.us> wrote:
> > The question at the end of this post was a serious one, FWIW.
>
> If I understand it correctly, the question is a feature request for
> BIND/NSD/whatnot, not an issue with the draft, correct? That is, I think
> you are asking for your authoritative server to have a feature that
> performs DNSSEC validation on an incoming zone transfer (or possibly on a
> zone in your authoritative list). If your question is actually about the
> draft, by all means please clarify so we can deal with it in the draft.
>
> --Paul Hoffman
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
>

v2.23.0 | Report a Bug | By Email