[DNSOP] Re: ICANN80 - DSYNC

Shumon Huque <shuque@gmail.com> Mon, 10 June 2024 14:41 UTC

On Mon, Jun 10, 2024 at 10:25 AM Vandan Adhvaryu <vandanadhvaryu99@gmail.com>
wrote:

> Hi,
>
> Recently at ICANN80 there was a DNSSEC workshop. In one of the topics, we
> discussed the bootstrapping of DS records by using a NOTIFY capability
> (draft-ietf-dnsop-generalized-notify-01).
>
> I was wondering if the DSYNC notify comes with an "expiry" or if there
> should be any stringent requirements on the Parent TLD to reply to the
> NOTIFY in a certain time frame when DNSSEC is involved?
>

Is there a need? NOTIFY is a query/response protocol with retries (if using
UDP; if using TCP, timeout and retry is obtained from the TCP layer). From
RFC 1996:

   3.3. NOTIFY is similar to QUERY in that it has a request message with
   the header QR flag "clear" and a response message with QR "set".  The
   response message contains no useful information, but its reception by
   the master is an indication that the slave has received the NOTIFY
   and that the master can remove the slave from any retry queue for
   this NOTIFY event.

The NOTIFY client generally decides on details of their timeout and retry
algorithm, and at what point to give up (although the RFC has some
recommendations about parameters).

Shumon.
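
The request/response and retry-queue behaviour quoted from RFC 1996 above, as an added example that is not part of the original message: it builds a NOTIFY request, accepts only a response with QR set and a matching ID and question, and retransmits until the sender gives up. The CDS query type, the name `child.example.`, the retry parameters and the lossy recipient are assumptions constructed for illustration.

```python
import struct

OPCODE_NOTIFY = 4                 # NOTIFY opcode (RFC 1996)
TYPE_CDS, CLASS_IN = 59, 1        # assumption: a NOTIFY(CDS) sent towards the parent
QR_BIT, AA_BIT = 0x8000, 0x0400

def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in the root label."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_notify(msg_id, qname, qtype=TYPE_CDS):
    """Build a NOTIFY request: QR clear, opcode 4, AA set, one question."""
    flags = (OPCODE_NOTIFY << 11) | AA_BIT
    return (struct.pack("!HHHHHH", msg_id, flags, 1, 0, 0, 0)
            + encode_name(qname) + struct.pack("!HH", qtype, CLASS_IN))

def is_matching_response(request, response):
    """True only if the response has QR set, opcode NOTIFY, and echoes ID and question."""
    if response is None or len(response) < len(request):
        return False
    rid, rflags = struct.unpack("!HH", response[:4])
    qid = struct.unpack("!H", request[:2])[0]
    return (rid == qid and bool(rflags & QR_BIT)
            and (rflags >> 11) & 0xF == OPCODE_NOTIFY
            and response[12:len(request)] == request[12:])

def send_with_retries(request, transport, max_tries=5, interval=60.0,
                      sleep=lambda seconds: None):
    """Retransmit until a matching response arrives; return the attempt number,
    or None once the sender gives up. max_tries/interval are illustrative values."""
    for attempt in range(1, max_tries + 1):
        if is_matching_response(request, transport(request)):
            return attempt        # recipient can leave the retry queue
        sleep(interval)
    return None

def make_lossy_recipient(drop_first):
    """Constructed stand-in for the NOTIFY target: drops the first N datagrams."""
    seen = {"n": 0}
    def transport(request):
        seen["n"] += 1
        if seen["n"] <= drop_first:
            return None           # simulated timeout
        flags = struct.unpack("!H", request[2:4])[0] | QR_BIT
        return request[:2] + struct.pack("!H", flags) + request[4:]
    return transport

if __name__ == "__main__":
    req = build_notify(0x1234, "child.example.")
    print(send_with_retries(req, make_lossy_recipient(2)))   # answered on a retry
    print(send_with_retries(req, make_lossy_recipient(9)))   # sender gives up
```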