Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

Ted Lemon <mellon@fugue.com> Thu, 15 December 2016 17:21 UTC

To: Jacques Latour <jacques.latour@cira.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Z5xGMMEf_USx0z9Sx-15GmN-fTo>
Cc: HOMENET <homenet@ietf.org>, "dnsop@ietf.org WG" <dnsop@ietf.org>

On Dec 15, 2016, at 11:05 AM, Jacques Latour <jacques.latour@cira.ca> wrote:
> Where do you delegate homenet to? Advanced DNSSEC validation may check for proper delegation?  

I think we should ask ICANN to set up an unsecured delegation of .homenet to the AS112 servers. In order for names under .homenet to be validated by DNSSEC, it would be necessary for the validating resolver to have a trust anchor for any homenet on which it wants to do validation, and a means of differentiating between homenets so that it doesn’t use the wrong key to validate. But that’s out of scope for this discussion: the point of this discussion is simply to figure out whether we want to do the hard thing or the easy thing: .homenet or home.arpa.
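
The validation outcomes discussed in the message above, as an added example that is not part of the original message: a simplified model (no real cryptography) of how a validating resolver classifies a positive answer under .homenet with no delegation, with an unsecured delegation, and with a local trust anchor. The key labels, network identifiers and function names are hypothetical.

```python
# Toy model of DNSSEC validation outcomes for names under .homenet.
# No real cryptography: keys are constructed string labels, and a signature
# "verifies" when the signer label equals the trust anchor in use.
SECURE, INSECURE, BOGUS = "secure", "insecure", "bogus"

# What the signed root can say about "homenet." (constructed labels):
NO_DELEGATION = "signed-nxdomain"        # root proves the name does not exist
UNSECURED_DELEGATION = "ns-without-ds"   # NS present, root proves there is no DS


def classify(root_view, signed_by=None, anchor=None):
    """Return the validation state of a positive answer under .homenet.

    root_view -- NO_DELEGATION or UNSECURED_DELEGATION
    signed_by -- label of the key that signed the answer, None if unsigned
    anchor    -- locally configured trust anchor for this homenet, or None
    """
    if root_view not in (NO_DELEGATION, UNSECURED_DELEGATION):
        raise ValueError(f"unknown root view: {root_view!r}")
    if anchor is not None:
        # A trust anchor below the root takes over: data must verify against it.
        return SECURE if signed_by == anchor else BOGUS
    if root_view == UNSECURED_DELEGATION:
        # The chain of trust provably ends at the delegation, so local
        # answers are accepted without validation.
        return INSECURE
    # The answer contradicts the root's signed denial of existence.
    return BOGUS


def classify_on_network(network_id, anchors, root_view, signed_by):
    """Pick the anchor by a hypothetical per-homenet identifier, then classify."""
    return classify(root_view, signed_by, anchors.get(network_id))


if __name__ == "__main__":
    anchors = {"home-a": "key-a", "home-b": "key-b"}  # constructed sample
    print(classify(NO_DELEGATION))         # bogus
    print(classify(UNSECURED_DELEGATION))  # insecure
    print(classify_on_network("home-a", anchors, UNSECURED_DELEGATION, "key-a"))  # secure
    # Data signed by home-b's key while the resolver applies home-a's anchor.
    print(classify_on_network("home-a", anchors, UNSECURED_DELEGATION, "key-b"))  # bogus
```

The last case is the wrong-key problem: the answer is correctly signed by its own homenet, but the resolver validates it against another homenet's anchor and rejects it.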