Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-multi-provider-dnssec
Shane Kerr <shane@time-travellers.org> Wed, 20 November 2019 15:52 UTC
Return-Path: <shane@time-travellers.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED350120835 for <dnsop@ietfa.amsl.com>; Wed, 20 Nov 2019 07:52:30 -0800 (PST)
X-Quarantine-ID: <jyN_yTEIlHdD>
X-Virus-Scanned: amavisd-new at amsl.com
X-Amavis-Alert: BAD HEADER SECTION, Improper folded header field made up entirely of whitespace (char 20 hex): X-Spam-Report: ...T_ADDRESS@@ for details.\n \n Content previ[...]
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jyN_yTEIlHdD for <dnsop@ietfa.amsl.com>; Wed, 20 Nov 2019 07:52:27 -0800 (PST)
Received: from saturn.zonnestelsel.tk (tunnel317214-pt.tunnel.tserv11.ams1.ipv6.he.net [IPv6:2001:470:1f14:77a::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BE63D1200F5 for <dnsop@ietf.org>; Wed, 20 Nov 2019 07:52:27 -0800 (PST)
Received: from earth.zonnestelsel.tk ([2001:470:78c8:2::9]) by saturn.zonnestelsel.tk with esmtpsa (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <shane@time-travellers.org>) id 1iXSHG-00010N-Ne for dnsop@ietf.org; Wed, 20 Nov 2019 15:52:25 +0000
To: dnsop@ietf.org
References: <CADyWQ+Gip_1qYv8ZQBBfY3OUFxizOMVMpckQZtZRNu4JJtGnLA@mail.gmail.com> <498723c1-d8a5-2668-966b-b3bb9d7312c5@NLnetLabs.nl>
From: Shane Kerr <shane@time-travellers.org>
Message-ID: <d6400cf2-90cb-2994-1f0f-e28706d6ea18@time-travellers.org>
Date: Wed, 20 Nov 2019 16:52:22 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.1.2
MIME-Version: 1.0
In-Reply-To: <498723c1-d8a5-2668-966b-b3bb9d7312c5@NLnetLabs.nl>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Spam-Score-Int: -28
X-Spam-Bar: --
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/ZnKsU8pm4yNhYQ-_3Rdh3oVb8Hk>
Subject: Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-multi-provider-dnssec
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Nov 2019 15:52:31 -0000
Benno and all, Overall the document is clear and I hope helpful to organizations pursuing a multi-DNS vendor setup who want to use DNSSEC (as all do, I am sure). One minor thing I noticed while looking through the document. It mentions the Brazilian ccTLD as background why using a liberal rollover is workable: In fact, testing by the .BR Top Level domain for their recent algorithm rollover [BR-ROLLOVER], demonstrates that the liberal approach does in fact work with current resolvers deployed on the Internet. However, the BR-ROLLOVER reference is to a presentation which discusses the plans to try a liberal rollover in Brazil, but doesn't actually claim that it works. Was there further published research that can support this idea? Cheers, -- Shane On 16/11/2019 03.42, Benno Overeinder wrote: > Hi all, > > The WGLC date has passed and we think the draft is in good shape. Still > the chairs would like to see some comments and feedback. Positive > feedback that the document is ready to go is also fine. > > Thanks, > > -- Benno > > On 31/10/2019 16:47, Tim Wicinski wrote: >> >> This starts a Working Group Last Call for >> draft-ietf-dnsop-multi-provider-dnssec >> >> Current versions of the draft is available here: >> https://datatracker.ietf.org/doc/draft-ietf-dnsop-multi-provider-dnssec/ >> >> The Current Intended Status of this document is: Informational >> >> FYI, I will not shepherd this document, as it was written with several >> of my coworkers. >> Benno Overeinder will be Document Shepherd. >> >> Please review the draft and offer relevant comments. >> If this does not seem appropriate please speak out. >> If someone feels the document is *not* ready for publication, please >> speak out with your reasons. >> >> If there are normative issues, agenda time at IETF106 will be set aside >> to address them >> >> This starts a two week Working Group Last Call process, and ends on: 15 >> November 2019 >> >> thanks >> tim >> >> >> _______________________________________________ >> DNSOP mailing list >> DNSOP@ietf.org >> https://www.ietf.org/mailman/listinfo/dnsop >> > >
- [DNSOP] Working Group Last Call for draft-ietf-dn… Tim Wicinski
- Re: [DNSOP] Working Group Last Call for draft-iet… Benno Overeinder
- Re: [DNSOP] Working Group Last Call for draft-iet… Brian Dickson
- Re: [DNSOP] Working Group Last Call for draft-iet… Paul Ebersman
- Re: [DNSOP] Working Group Last Call for draft-iet… Paul Hoffman
- Re: [DNSOP] Working Group Last Call for draft-iet… Henderson, Karl
- Re: [DNSOP] Working Group Last Call for draft-iet… Shane Kerr
- Re: [DNSOP] Working Group Last Call for draft-iet… Bob Harold
- Re: [DNSOP] Working Group Last Call for draft-iet… Frederico A C Neves
- Re: [DNSOP] Working Group Last Call for draft-iet… Shumon Huque
- Re: [DNSOP] Working Group Last Call for draft-iet… Shumon Huque
- Re: [DNSOP] Working Group Last Call for draft-iet… Matthijs Mekking