Re: [DNSOP] New Version Notification for draft-wessels-dns-zone-digest-01.txt

"John R Levine" <johnl@taugh.com> Sat, 28 July 2018 15:08 UTC

Date: Sat, 28 Jul 2018 11:08:42 -0400
Message-ID: <alpine.OSX.2.21.1807281106550.71239@ary.qy>
From: John R Levine <johnl@taugh.com>
To: Florian Weimer <fw@deneb.enyo.de>
Cc: dnsop@ietf.org
In-Reply-To: <87va8zh77f.fsf@mid.deneb.enyo.de>
References: <20180724143253.83ACC2002CE789@ary.qy> <87va8zh77f.fsf@mid.deneb.enyo.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/ZmZzveW92yWmkKs-VCV3O0pDAq0>

>>> that the served zone is too large.  Otherwise, the receiver has to
>>> download the entire zone before it can determine that the hash does
>>> not match. ...

> On the other hand, clients will likely have a pretty good idea for the
> size of the zone, so they could transfer it twice: ...

Now I'm really confused.  To avoid downloading the whole zone you download 
it twice?

Could you explain in simple terms why you can't download the zone, check 
the digest and signature, and either use it or discard it?

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly