Re: [DNSOP] search for reference

Vernon Schryver <vjs@rhyolite.com> Fri, 30 December 2016 11:50 UTC

Return-Path: <vjs@rhyolite.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF41E1294E7 for <dnsop@ietfa.amsl.com>; Fri, 30 Dec 2016 03:50:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.002
X-Spam-Level:
X-Spam-Status: No, score=-5.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-3.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5sW6Ud1dxjnl for <dnsop@ietfa.amsl.com>; Fri, 30 Dec 2016 03:50:47 -0800 (PST)
Received: from calcite.rhyolite.com (calcite.rhyolite.com [192.188.61.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9D7EC129416 for <dnsop@ietf.org>; Fri, 30 Dec 2016 03:50:47 -0800 (PST)
Received: from calcite.rhyolite.com (localhost [127.0.0.1]) by calcite.rhyolite.com (8.15.2/8.15.2) with ESMTPS id uBUBoX0b076599 (CN=www.rhyolite.com version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for <dnsop@ietf.org> env-from <vjs@rhyolite.com>; Fri, 30 Dec 2016 11:50:33 GMT
Received: (from vjs@localhost) by calcite.rhyolite.com (8.15.2/8.15.2/Submit) id uBUBoXq7076598 for dnsop@ietf.org; Fri, 30 Dec 2016 11:50:33 GMT
Date: Fri, 30 Dec 2016 11:50:33 +0000
From: Vernon Schryver <vjs@rhyolite.com>
Message-Id: <201612301150.uBUBoXq7076598@calcite.rhyolite.com>
To: dnsop@ietf.org
In-Reply-To: <20161230122014.Horde.WGMiuu_SJB8EAleLGv_Gf1P@andreasschulze.de>
X-DCC-Rhyolite-Metrics: calcite.rhyolite.com; whitelist
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/ZcbPKl_vCGVTEArukD8PZGhXW0I>
Subject: Re: [DNSOP] search for reference
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Dec 2016 11:50:49 -0000

> From: "A. Schulze" <sca@andreasschulze.de>

> > TSIG uses DNS names for encoding the algorithm type.
> I didn't expected that...

Beware that a very popular TSIG implementation is intermittently
confused by upper case algorithm names from a peer despite the fact
that they're encoded like domain names.  If you're writing code that
talks TSIG, I suggest doing what I finally did recently, which is
converting algorithm names to lower case as you put them on or take
them off the wire.

One might constrain local user configuration settings to lower case,
but I'd still ignore case when comparing with what comes off the wire.


Vernon Schryver    vjs@rhyolite.com