Re: [DNSOP] Favor: Weigh in on draft-ietf-ipsecme-split-dns?

Benjamin Kaduk <kaduk@mit.edu> Mon, 03 December 2018 01:12 UTC

Date: Sun, 02 Dec 2018 19:12:26 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: Scott Morizot <tmorizot@gmail.com>
Cc: draft-ietf-ipsecme-split-dns.all@ietf.org, dnsop <dnsop@ietf.org>, Paul Wouters <paul@nohats.ca>
Message-ID: <20181203011226.GH54918@kduck.kaduk.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/__EZAZhhpGjxQ1H2Yaym9xMMKJA>

On Sat, Dec 01, 2018 at 10:49:42AM -0500, Paul Wouters wrote:
> On Sat, 1 Dec 2018, Scott Morizot wrote:
> 
> > I guess I'll speak up as someone who has been managing the DNS/DNSSEC design and implementation of a large
> > organization with a complex set of DNS requirements
> 
> Thanks for the write up! It is always good to hear actual enterprise
> deployments.

I will second this "thank you" -- it was very helpful to me, since this is
not an area that I am normally exposed to in my day-to-day work.

-Benjamin