Re: [DNSOP] Call for Adoption: draft-huston-kskroll-sentinel

George Michaelson <> Thu, 16 November 2017 08:34 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 90202129566 for <>; Thu, 16 Nov 2017 00:34:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id XIlov21H4We6 for <>; Thu, 16 Nov 2017 00:34:07 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:400c:c05::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id F194C126BFD for <>; Thu, 16 Nov 2017 00:34:06 -0800 (PST)
Received: by with SMTP id j67so10560429vkd.8 for <>; Thu, 16 Nov 2017 00:34:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=bygrtzMw6hXLXQ3wPaSxRp+Dg1EkiFYzsfl84Ww5bvc=; b=UC8FOVMg2fvZJNgh0lEG13yOk7WsJ1wxbHH9StgShvGEouq+TPTnGyku4dpFAslyh7 LXQOPwvUDT50F+g+x1IJ9/C9ACMxaSbIOeRiyqqk/q1H3oxAhk8T/i8CVnVFBn6SC2eq WsEayToJJwtGkt9rMxJbPQOEwQHwi/KLmiJG0uE984lkcmgxZrIdAzKI82LVFDgR/6fq UMB34g77TaPkEGEJ6bZkSHqVFTho/2OsWiXowD24yWhRlsN/p7m7jGrXvEqCvALWx6xo IKmuSzV+TWwBqcvU+75Wg9oz3igxOxfsAN0+pgPqqLHAXTCV97bte2iqIZo97o5lF589 HaNA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=bygrtzMw6hXLXQ3wPaSxRp+Dg1EkiFYzsfl84Ww5bvc=; b=sWe8S8AjDtyyqPWsk2yYF/usGtkjdQ92N+cZ2z7mUBNF6LL2wW/KYiJUIwEguMJ/0C IPOJFkQu0u6WCqdLdSisauaCGvvmLL/c3JMJLh9eyMs6QFYltCk43lXdWmW9r0CuQd7x 6jKC3fHtKhIiVCtRbNEq0ZLg0mUcAP4UdtbW9JyKxiuQ4MdDVTkuXdP+3O0AXzOOlbFv jVROzpp/Q2qGkFkcdxTMazkyAR675lYZwUQXy/8hihp+AHvQHBUztoQahmX6Qo8Kx2Hf R/tDoDVue5ebnBbGNfnaHoBCZW3hlYG5wDlnEZuKLQy8T5qukwo/3XqZ5+pmE8NavB7n 4D3A==
X-Gm-Message-State: AJaThX7QNepwhnEmZprBOVwa9JhuW8oxTVaraNN438h00QB0CgZ3n2/T i9saHiCigeNetKqtWAfPPKDi0zsn4zz7i1QLf47jTg==
X-Google-Smtp-Source: AGs4zMauWF+dxsl8gWRBNPKoB1k6iWsGqXW/2gLmpeNUEV3gQirygnHO8WnXUezHw/Z2aNMzStyVfd4V0x02q3K9uOk=
X-Received: by with SMTP id z21mr540963vkd.44.1510821246020; Thu, 16 Nov 2017 00:34:06 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Thu, 16 Nov 2017 00:34:05 -0800 (PST)
X-Originating-IP: [2001:67c:1232:144:e8cf:3ef5:8fba:c3a3]
In-Reply-To: <>
References: <>
From: George Michaelson <>
Date: Thu, 16 Nov 2017 16:34:05 +0800
Message-ID: <>
To: tjw ietf <>
Cc: dnsop <>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <>
Subject: Re: [DNSOP] Call for Adoption: draft-huston-kskroll-sentinel
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 16 Nov 2017 08:34:09 -0000

I support adoption of this work. Its a sensible, simple proposal which
has immediate benefit, and can be used by anyone to test the ability
of their nominated resolver to recognise specific keys, and their
trust state.

I believe as a community, at large,  we need code deployed into the
resolvers in the wild, and we need a document specifying the behaviour
we need deployed into those resolvers. We can use this to inform
ourselves of operational risk under keychange. We can know as
individuals, as organizations what we will see, if keys change. I
think this is quite powerful. compared to measurement of what
resolvers see, or what authoritatives or roots see, going back to
these service-providers themselves. This method informs the client
side of the transaction. Thats big.

I'm not saying we shouldn't do other things, or measure. I'm saying
that this proposal has a qualitative aspect which I think is
different, and good.


On Thu, Nov 16, 2017 at 4:23 PM, tjw ietf <> wrote:
> All
> The author has rolled out a new version addressing comments from the meeting
> on Monday, and we feel it’s ready to move this along.
> This starts a Call for Adoption for draft-huston-kskroll-sentinel
> The draft is available here:
> Please review this draft to see if you think it is suitable for adoption by
> DNSOP, and comments to the list, clearly stating your view.
> Please also indicate if you are willing to contribute text, review, etc.
> This call for adoption ends: 30 November 2017 23:59
> Thanks,
> tim wicinski
> DNSOP co-chair
> _______________________________________________
> DNSOP mailing list