Re: [DNSOP] Working Group Last Call

Warren Kumari <warren@kumari.net> Fri, 07 October 2016 23:06 UTC

Return-Path: <warren@kumari.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E16CD12945C for <dnsop@ietfa.amsl.com>; Fri, 7 Oct 2016 16:06:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wEFPK-STKxxN for <dnsop@ietfa.amsl.com>; Fri, 7 Oct 2016 16:06:42 -0700 (PDT)
Received: from mail-qk0-x22b.google.com (mail-qk0-x22b.google.com [IPv6:2607:f8b0:400d:c09::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 455D41293D6 for <dnsop@ietf.org>; Fri, 7 Oct 2016 16:06:42 -0700 (PDT)
Received: by mail-qk0-x22b.google.com with SMTP id z190so43168658qkc.2 for <dnsop@ietf.org>; Fri, 07 Oct 2016 16:06:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari-net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=ZG9STzF+uSx/SiqNXCnuTV5dHdPlFTxSO+qlMcP58S8=; b=oxVlyr6VtSu57INM9KPmkmcQtuk5lbG4LZ9G25UumjUB9GTPhQHB4ff/jxuOunXeW0 N0NlzEsYzlpu8v+CJrBV7ARIn+3qh4LUIPXNxmZpJ40lAcbIi0q5Oe5WmYUoLWnRBtZy cREnmGnKHy9wPvrBULteXZkodjqApe2s7oEyD5K25H5JvRTidyOnc/6gstEOVWomSkd3 /3XR8dzG1msWUhp7hRMrANPoiW4q7RYEo3FcmDI6YXRfq0a/BPUaplktdHnlUYjSzSw2 pVYUvl/XL/ln9A5f8QFvQYiXDUWfhL1FoYraDyLIdYUjQcwo2XL3XyXruejBz5ElB6Ep qAPA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=ZG9STzF+uSx/SiqNXCnuTV5dHdPlFTxSO+qlMcP58S8=; b=LRXHM5Jzqy4SPfz0pDKiiZnfMAAp7tbWDtfDp+eY/IUpEsXWsdA33UgrykHqqg01xW bwLjkvA6LEDieWovDbusdL2l0I6hGc2tUdjrhiKpTCXUf5q5cdFvx9Q6dE2LDiKTpvt+ /U9Eox5V/ek5bp1MS9UOIBz4z/AQjnK1qe42+hvUCgiCuyv8L0dEBISpm83/V4V0ENMh hboKBCM3cDGyC8qfz3lmlJU55Gbdzlb/U9iVU2q5lkcpThFFGlmOWgxV4alAzGum3SBu zEKmF7EOWkjBBFdfO6rDD78RI8FSX09E4FVWuh7w4iSM82C4hGbyzIpxnRqy6lQeNL5b baqg==
X-Gm-Message-State: AA6/9RlXY26uv361LhwLOvG6dniP57SUMmg6Ns/3DAGgOIGrJ5Obkf4zfhk6hyBuNgu+necrBJmZsjRGcwJAC/x3
X-Received: by 10.55.67.131 with SMTP id q125mr5237098qka.321.1475881601326; Fri, 07 Oct 2016 16:06:41 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.55.147.196 with HTTP; Fri, 7 Oct 2016 16:06:10 -0700 (PDT)
In-Reply-To: <CAJE_bqdZDxKWA+HKd1+z-HoXGPeWNZrjTDfji_8zBRX_z9UX7g@mail.gmail.com>
References: <40d5f4b1-3019-7f8a-ecc0-2f4d13e3eadf@gmail.com> <CAJE_bqeEBSrFaxEVGhKbt5LFqfe_QdoQQ1u4h9r03ZB3pJ4yzg@mail.gmail.com> <CAHw9_iJDfKK3BPKw5vRc4MBJJELUceSWO4fp97gZjAuB3PZJNg@mail.gmail.com> <CAJE_bqcK_pu4eWkk80ALOeAkCuTV_AoMisFY04q2P6nmZTmGvw@mail.gmail.com> <4ef44e6e-441d-60e5-5f39-3a47b2ef6df5@gmail.com> <CAJE_bqdZDxKWA+HKd1+z-HoXGPeWNZrjTDfji_8zBRX_z9UX7g@mail.gmail.com>
From: Warren Kumari <warren@kumari.net>
Date: Fri, 7 Oct 2016 19:06:10 -0400
Message-ID: <CAHw9_iL93X=QSsOSgDZAhJ57Um5EFZCfg8CFwqAHBeocgDB6VA@mail.gmail.com>
To: =?UTF-8?B?56We5piO6YGU5ZOJ?= <jinmei@wide.ad.jp>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/XQ-DpjbAo09CuGpJcTP3IvCce3c>
Cc: Tim Wicinski <tjw.ietf@gmail.com>, dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] Working Group Last Call
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Oct 2016 23:06:44 -0000

On Fri, Oct 7, 2016 at 12:22 PM, 神明達哉 <jinmei@wide.ad.jp> wrote:
> At Thu, 6 Oct 2016 02:49:34 -0400,
> Tim Wicinski <tjw.ietf@gmail.com> wrote:
>
>> >> I did some fix up - how do you like:
>> >> "If a validating resolver gets a query for cat.example.com, it will
>> >> query the example.com servers and will get back an NSEC (or NSEC3)
>> >> record starting that there are no records between apple and elephant.
> [...]
>> >> Does that cover it sufficiently? (and I think I now better understand
>> >> your concern).
>> >
>> > To be perfectly generic, "it will query the example.com servers" is
>> > not always the case.  It (= validating resolver) might query another
>> > intermediate resolver (often called a "forwarder") that performs
>> > recursion.  By "external server" I tried to generalize the concept.
>>
>> Maybe this?
>>
>> "If a validating resolver receives a query for cat.example.com, it
>> contacts its resolver (which may be itself) to query the example.com
>> servers and will get back an NSEC (or NSEC3) record starting that there
>> are no records between apple and elephant."
>
> Yes, this is one way to address my point.  I'd leave it to the authors
> specifically how to address it.

Great.
DONE.


>
> --
> JINMEI, Tatuya



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf