Re: [DNSOP] I-D Action: draft-ietf-dnsop-edns-key-tag-00.txt

Stephane Bortzmeyer <bortzmeyer@nic.fr> Fri, 08 January 2016 20:53 UTC

Date: Fri, 08 Jan 2016 21:48:51 +0100
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: dnsop@ietf.org
Message-ID: <20160108204851.GA28421@sources.org>
References: <20151209202733.1080.44157.idtracker@ietfa.amsl.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20151209202733.1080.44157.idtracker@ietfa.amsl.com>
X-Transport: UUCP rules
X-Operating-System: Debian GNU/Linux 8.2
X-Charlie: Je suis Charlie
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/_c5PfNQUmqzgIElkiPX-3Sntgf8>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-edns-key-tag-00.txt

On Wed, Dec 09, 2015 at 12:27:33PM -0800, internet-drafts@ietf.org <internet-drafts@ietf.org> wrote a message of 39 lines which said:

>         Title           : The EDNS Key Tag Option
>         Author          : Duane Wessels
>         Filename        : draft-ietf-dnsop-edns-key-tag-00.txt

5.2.1 says: "If the client included the DO and Checking Disabled (CD)
bits, but did not include the edns-key-tag option in the query, the
validating recursive resolver MAY include the option with its own Key
Tag values in full."

I do not understand why. If the client sends DO and CD, it means the
server won't validate and therefore "its own Key Tag values" is
irrelevant: they won't be the keys used for validation.

[Generally speaking, I think it complicated the protocol for little or
zero gain. The key tags should be added by the one who validates,
period.]