Re: [DNSOP] [Ext] About key tags

Edward Lewis <edward.lewis@icann.org> Wed, 28 February 2024 20:59 UTC

From: Edward Lewis <edward.lewis@icann.org>
To: John Levine <johnl@taugh.com>, "dnsop@ietf.org" <dnsop@ietf.org>
Thread-Topic: [DNSOP] [Ext] About key tags
Thread-Index: AQHaXynPA8WwwMruZU6Z5RM+17D0wbEJySsAgACGD4CAAStKgIAASjQAgAA/RYCAAAE9gIAAAsCAgADi3oCAAGiXgIAAGREAgAAQ2wCAEXRUAIAAJ+KAgAAPFICAASsOAA==
Date: Wed, 28 Feb 2024 20:59:27 +0000
Message-ID: <641C2E38-F1A8-435B-BA6F-770FEE9AEEA5@icann.org>
References: <9C4B65D7-EC9D-40BC-9B23-825F7FE8FB7E@isc.org> <20240227220905.E06018410007@ary.qy>
In-Reply-To: <20240227220905.E06018410007@ary.qy>
Accept-Language: en-US
Content-Language: en-US
user-agent: Microsoft-MacOutlook/16.65.22091101
Content-Type: text/plain; charset="utf-8"
Content-ID: <5506A66E1085924BA77F388DC2273BB4@pexch112.icann.org>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/WYCiVO7uh-uH8THdf4f9HXA1QgU>
Subject: Re: [DNSOP] [Ext] About key tags
Precedence: list

On 2/27/24, 17:09, "DNSOP on behalf of John Levine" <dnsop-bounces@ietf.org on behalf of johnl@taugh.com> wrote:

>    The kind of load is different but in each case the client needs to
>    limit the amount of work it's willing to do. We can forbid it in the
>    protocol but unless you have better contacts at the Protocol Police
>    than I do, people will do it anyway.

I side with John Levine's line of reasoning, that the solution is defending against taking on too much work (in this case, the validator caps it's effort - in whatever way is appropriate).  It would be futile to prevent key tag collisions from happening via a protocol change as a malicious actor is not bounded by specifications.

If it is forbidden in the protocol, it might still happen.

[DNSOP] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Arnold DECHAMPS
Re: [DNSOP] About key tags Mark Andrews
Re: [DNSOP] About key tags Wellington, Brian
Re: [DNSOP] [Ext] Re: About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Mark Andrews
Re: [DNSOP] [Ext] About key tags Petr Špaček
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Joe Abley
Re: [DNSOP] [Ext] About key tags Petr Špaček
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Havard Eidnes
Re: [DNSOP] [Ext] About key tags Shumon Huque
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Yorgos Thessalonikefs
Re: [DNSOP] [Ext] About key tags Jim Reid
Re: [DNSOP] [Ext] About key tags Shumon Huque
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Ralf Weber
Re: [DNSOP] [Ext] About key tags Jim Reid
Re: [DNSOP] [Ext] About key tags Shumon Huque
Re: [DNSOP] [Ext] About key tags Ralf Weber
Re: [DNSOP] [Ext] About key tags Petr Špaček
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Paul Hoffman
Re: [DNSOP] [Ext] About key tags Donald Eastlake
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Petr Špaček
Re: [DNSOP] [Ext] About key tags Paul Wouters
Re: [DNSOP] [Ext] About key tags Paul Hoffman
Re: [DNSOP] [Ext] About key tags Paul Wouters
Re: [DNSOP] [Ext] About key tags Wellington, Brian
Re: [DNSOP] [Ext] About key tags Paul Hoffman
Re: [DNSOP] [Ext] About key tags Wellington, Brian
Re: [DNSOP] [Ext] About key tags Ralf Weber
Re: [DNSOP] [Ext] About key tags Paul Wouters
Re: [DNSOP] [Ext] About key tags Philip Homburg
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Ralf Weber
Re: [DNSOP] [Ext] About key tags Paul Hoffman
Re: [DNSOP] [Ext] About key tags Ralf Weber
Re: [DNSOP] [Ext] About key tags Bob Harold
Re: [DNSOP] [Ext] About key tags Ted Lemon
Re: [DNSOP] [Ext] About key tags Mark Andrews
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Jim Reid
Re: [DNSOP] [Ext] About key tags libor.peltan
Re: [DNSOP] [Ext] Re: About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Joe Abley
Re: [DNSOP] [Ext] About key tags Petr Špaček
Re: [DNSOP] [Ext] About key tags Jim Reid
Re: [DNSOP] [Ext] About key tags Jim Reid
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Shumon Huque
Re: [DNSOP] [Ext] About key tags Peter Thomassen
Re: [DNSOP] [Ext] About key tags Peter Thomassen
Re: [DNSOP] [Ext] About key tags Mark Andrews
Re: [DNSOP] [Ext] About key tags Paul Hoffman
Re: [DNSOP] [Ext] About key tags John Levine
Re: [DNSOP] [Ext] About key tags Mark Andrews
Re: [DNSOP] [Ext] About key tags Mark Andrews
Re: [DNSOP] [Ext] About key tags John R Levine
Re: [DNSOP] [Ext] About key tags and sensible lim… John Levine
Re: [DNSOP] [Ext] About key tags Paul Wouters
Re: [DNSOP] [Ext] About key tags libor.peltan
Re: [DNSOP] [Ext] About key tags John Levine
Re: [DNSOP] [Ext] About key tags Mark Andrews
Re: [DNSOP] [Ext] About key tags Shumon Huque
Re: [DNSOP] [Ext] About key tags Paul Hoffman
Re: [DNSOP] [Ext] About key tags and their infreq… John R Levine
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Shumon Huque
Re: [DNSOP] [Ext] About key tags Mark Andrews
Re: [DNSOP] [Ext] About key tags Mark Andrews
Re: [DNSOP] [Ext] About key tags Mark Andrews
Re: [DNSOP] [Ext] About key tags Paul Wouters
Re: [DNSOP] [Ext] About key tags and collision nu… John R Levine
Re: [DNSOP] [Ext] About key tags Paul Hoffman
Re: [DNSOP] [Ext] About key tags and collision nu… Mark Andrews
Re: [DNSOP] [Ext] About key tags Ralf Weber
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Joe Abley
Re: [DNSOP] [Ext] About key tags Shumon Huque
Re: [DNSOP] [Ext] About key tags Ted Lemon
Re: [DNSOP] [Ext] About key tags Paul Wouters
Re: [DNSOP] [Ext] About key tags John R Levine
Re: [DNSOP] [Ext] About key tags Mark Andrews
Re: [DNSOP] [Ext] About key tags Lanlan Pan
Re: [DNSOP] [Ext] About key tags Paul Wouters
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Philip Homburg
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Philip Homburg
Re: [DNSOP] [Ext] About key tags Arnold DECHAMPS
Re: [DNSOP] [Ext] About key tags John R Levine
Re: [DNSOP] [Ext] About key tags Joe Abley
Re: [DNSOP] [Ext] About key tags Philip Homburg
Re: [DNSOP] [Ext] About key tags John R Levine
Re: [DNSOP] [Ext] About key tags Bob Harold
Re: [DNSOP] [Ext] About key tags Mark Andrews
Re: [DNSOP] [Ext] About key tags John R Levine
Re: [DNSOP] [Ext] About key tags Philip Homburg
Re: [DNSOP] [Ext] About key tags Philip Homburg
Re: [DNSOP] [Ext] About key tags Philip Homburg
Re: [DNSOP] [Ext] About key tags Philip Homburg
Re: [DNSOP] [Ext] About key tags Peter Thomassen
Re: [DNSOP] [Ext] About key tags Philip Homburg
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Peter Thomassen
Re: [DNSOP] [Ext] About key tags John R Levine
Re: [DNSOP] [Ext] About key tags Shumon Huque
Re: [DNSOP] [Ext] About key tags John Levine
Re: [DNSOP] [Ext] About key tags Philip Homburg
Re: [DNSOP] [Ext] Nothing more useful to say Abou… John Levine
Re: [DNSOP] [Ext] About key tags John Levine
Re: [DNSOP] [Ext] Nothing more useful to say Abou… Philip Homburg
Re: [DNSOP] [Ext] Nothing more useful to say Abou… John Levine
Re: [DNSOP] [Ext] About key tags Dave Lawrence
Re: [DNSOP] [Ext] About key tags Shumon Huque
Re: [DNSOP] [Ext] About key tags Philip Homburg
Re: [DNSOP] [Ext] About key tags Edward Lewis
Re: [DNSOP] [Ext] About key tags Petr Špaček