[DNSOP] for dnsop consideration: draft-hardaker-dnsop-nsec3-guidance-02.txt
Wes Hardaker <wjhns1@hardakers.net> Fri, 19 February 2021 18:58 UTC
Return-Path: <wjhns1@hardakers.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C1033A1355 for <dnsop@ietfa.amsl.com>; Fri, 19 Feb 2021 10:58:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qUA8Mw0BXj47 for <dnsop@ietfa.amsl.com>; Fri, 19 Feb 2021 10:58:10 -0800 (PST)
Received: from mail.hardakers.net (mail.hardakers.net [168.150.192.181]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D6CC13A1285 for <dnsop@ietf.org>; Fri, 19 Feb 2021 10:58:10 -0800 (PST)
Received: from localhost (unknown [10.0.0.3]) by mail.hardakers.net (Postfix) with ESMTPA id 33C1529A59 for <dnsop@ietf.org>; Fri, 19 Feb 2021 10:58:05 -0800 (PST)
From: Wes Hardaker <wjhns1@hardakers.net>
To: dnsop@ietf.org
Date: Fri, 19 Feb 2021 10:58:05 -0800
Message-ID: <yblim6nevgi.fsf@w7.hardakers.net>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/YcAOrwwWRlbb9GGYB_e2qses99A>
Subject: [DNSOP] for dnsop consideration: draft-hardaker-dnsop-nsec3-guidance-02.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Feb 2021 18:58:13 -0000
Greetings all, Viktor and I have been working on a BCP to provide guidance on selecting reasonable NSEC3 parameters. We'd love your feedback and for dnsop to consider adopting it. A new version of I-D, draft-hardaker-dnsop-nsec3-guidance-02.txt has been successfully submitted by Wes Hardaker and posted to the IETF repository. Name: draft-hardaker-dnsop-nsec3-guidance Revision: 02 Title: Guidance for NSEC3 parameter settings Document date: 2021-02-19 Group: Individual Submission Pages: 7 URL: https://www.ietf.org/archive/id/draft-hardaker-dnsop-nsec3-guidance-02.txt Status: https://datatracker.ietf.org/doc/draft-hardaker-dnsop-nsec3-guidance/ Htmlized: https://datatracker.ietf.org/doc/html/draft-hardaker-dnsop-nsec3-guidance Htmlized: https://tools.ietf.org/html/draft-hardaker-dnsop-nsec3-guidance-02 Diff: https://www.ietf.org/rfcdiff?url2=draft-hardaker-dnsop-nsec3-guidance-02 Abstract: NSEC3 is a DNSSEC mechanism providing proof of non-existence by promising there are no names that exist between two domainnames within a zone. Unlike its counterpart NSEC, NSEC3 avoids directly disclosing the bounding domainname pairs. This document provides guidance on setting NSEC3 parameters based on recent operational deployment experience. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat -- Wes Hardaker USC/ISI
- [DNSOP] for dnsop consideration: draft-hardaker-d… Wes Hardaker
- Re: [DNSOP] for dnsop consideration: draft-hardak… Brian Dickson