IETF Logo Mail Archive

Re: [DNSOP] A conversational description of sentinel.

Warren Kumari <warren@kumari.net> Wed, 07 February 2018 08:58 UTC

Return-Path: <warren@kumari.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2FAC31250B8 for <dnsop@ietfa.amsl.com>; Wed, 7 Feb 2018 00:58:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QQ-2S6rxckhU for <dnsop@ietfa.amsl.com>; Wed, 7 Feb 2018 00:58:19 -0800 (PST)
Received: from mail-wm0-x230.google.com (mail-wm0-x230.google.com [IPv6:2a00:1450:400c:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E28161200C1 for <dnsop@ietf.org>; Wed, 7 Feb 2018 00:58:18 -0800 (PST)
Received: by mail-wm0-x230.google.com with SMTP id r71so1664162wmd.1 for <dnsop@ietf.org>; Wed, 07 Feb 2018 00:58:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari-net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=OFzwQKiDAGUWw/tDw3QzOXMgQ8KLJ+eVK81aoEPaREw=; b=EsvA6r1/iJDa7AOe1DPquYLgMzf81bd0A56FSC7PDOf7J5z+azP6U4VxBk95snxEFM M98GY7q2EnNG9PN+R63pSC8jy13/9cNg3IRvE3Y3Cw7mMUN67p5Nb49BlUIZEZXRRtZU Q3kLBNMp/pYVWWWyBVKkC15DAhoocBp8b03Mz4C0GPgrqx5MYtO9mFkvPH83d6KLB8t6 pxGEC2tDRyoF1bPv3MY8dtCgZmzEIrym6VQ+53RosSzlJIQT4QGxJ09fYSVe/Ck182sf hBLmnXDFk4Dz5Yu8cVnquTHnfUn6/FoyLrU9Xj6iCh+kC/KigWeW+WHRFSPc6n6g6V4O EzNQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=OFzwQKiDAGUWw/tDw3QzOXMgQ8KLJ+eVK81aoEPaREw=; b=pjuOaOFceUNKXIhqMPP6ASubGahUWZY5sYyYVXVr/ghOypWdzY6Dl6HTLqfjC/LR8S OVj2Cj8wcNIxPYt+fkVURkFC5viW3t9ClE7lRgMcC+mzC7UQXI9qy1jZzig3bZq66x9d wxxFEJ8eMr0qh7A69E6fL/tMYZkyV0N/4kIjkYjkF7ZWg9Oa5ld4J1zG+RJsqKkVbp2c 69wiF6Q30/zhlLmOaqxqKQNwyrNIs1Y0aGurVvYMUo6rfl2qCCTB9LFmJbh/6Liv3gFO pcJy7cJlD6eiALaOVzTVJF8Ow/a9fO6AvP1MT8wvSkWhNYIv7PxZRaK2+s6TP65EVpDW QRow==
X-Gm-Message-State: APf1xPB4lq7iPSUgqhHwPBy9gI6jueEfco74ZluZ0OfoB9oz6a7c/ZIy yqByGL71Xf5g6qGRreuDsK5FkBo8DRH+Bhecpn91sZB8
X-Google-Smtp-Source: AH8x225322KwaIjksTW2N4yRQXftwe+9lJAvLH9cfgDnehxnUK18GoKZn967zAjKWW18OXUvstJzi2WK+h5AjjOl0hk=
X-Received: by 10.28.155.66 with SMTP id d63mr3715186wme.132.1517993896978; Wed, 07 Feb 2018 00:58:16 -0800 (PST)
MIME-Version: 1.0
Received: by 10.223.152.242 with HTTP; Wed, 7 Feb 2018 00:57:36 -0800 (PST)
In-Reply-To: <fdbd881c-d778-cd0f-a002-f1dd441f519b@nic.cz>
References: <CAHw9_iKnD4WtTKyof=nm4ChmDZ5mAPqA7a_-m1t_Lauugf4Uow@mail.gmail.com> <D5D013D4-1EAD-434B-863A-29CB1BBEF4E4@vpnc.org> <496EFA88-BA70-460B-BFB2-69B2C7BC905D@apnic.net> <4540A279-4A37-4245-AE61-BEE5342E3F72@vpnc.org> <20180202075530.Horde.UWaxe9eenZ7PyxWYFHCFGdN@andreasschulze.de> <e8ac7bd0-26e6-cf97-e2ef-0ead50dc18ce@nic.cz> <88E7D27C-048E-44CB-B317-C892EA603D31@isc.org> <0c2a4a38-49d7-2b46-1ac8-1dda0812e217@nic.cz> <CAHw9_iJ6yL12OaGW5+fm8M3YUkrj46CvC2-ob7Xrc5HEaA_Z1Q@mail.gmail.com> <f9861a96-a930-bd08-7cf5-5c6b003f706e@nic.cz> <24C74B01-FC08-41CD-BB16-FD122F9EB61A@apnic.net> <alpine.DEB.2.11.1802051246230.30577@grey.csi.cam.ac.uk> <FDFE42D8-B805-4336-A9A5-B81F416B3251@apnic.net> <D07FE583-06F7-436D-97EF-4747B815AD3F@vpnc.org> <20180206094215.Horde.m4xt1lsOwvQ28hAbN1r_Tg4@andreasschulze.de> <alpine.DEB.2.11.1802061221510.30577@grey.csi.cam.ac.uk> <2ffeba22-5cf1-4eb0-b45c-fefb7cf1d8f7@nic.cz> <CBB24E6D-D20D-42CC-95D3-82A37C26BC31@vpnc.org> <fdbd881c-d778-cd0f-a002-f1dd441f519b@nic.cz>
From: Warren Kumari <warren@kumari.net>
Date: Wed, 07 Feb 2018 03:57:36 -0500
Message-ID: <CAHw9_iJXeRXkG8Mr_YuSkVV5HuSWNgRo5x=5=td4MhTGx38_oA@mail.gmail.com>
To: Petr Špaček <petr.spacek@nic.cz>
Cc: dnsop <dnsop@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/ak7Git013TptX-RNTx8RKWmz_gc>
Subject: Re: [DNSOP] A conversational description of sentinel.
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Feb 2018 08:58:21 -0000

On Wed, Feb 7, 2018 at 2:15 AM, Petr Špaček <petr.spacek@nic.cz> wrote:
>
>
> On 6.2.2018 17:13, Paul Hoffman wrote:
>> On 6 Feb 2018, at 8:04, Petr Špaček wrote:
>>
>>> On 6.2.2018 13:22, Tony Finch wrote:
>>>> A. Schulze <sca@andreasschulze.de> wrote:
>>>>>
>>>>> Yes, "kskroll-sentinel-is-ta-NNNN" is more descriptive and specific.
>>>>> I also prefer that longer variant.
>>>>
>>>> Yes, more friendly for web searches if someone is wondering about weird
>>>> queries.
>>>
>>> Bonus points if we can get a number reserved by RFC editor, it would
>>> allow us to use name like
>>> test-rfc0000-is-ta-NNNN
>>> test-rfc0000-not-ta-NNNN
>>>
>>> That would be super awesome.
>>
>> ...and super-unlikely, given the history of the RFC Series.
>>
>>> Is something like RFC number pre-allocation possible?
>>
>> Sometimes (rarely), after Working Group Last Call. That's why I
>> suggested "kskroll-sentinel" since those words are in the WG draft name,
>> and will probably appear in the IETF Datatracker forever.
>
> Fine. Now we need to have something actionable, e.g. set of names for
> Geoff to test.
>
> Can we have couple proposals and test them in one go, so results are
> comparable?
>
> I've gathered these:
>
> kskroll-sentinel-is-ta-NNNN
> kskroll-sentinel-not-ta-NNNN
> is-ta--NNNN
> not-ta--NNNN
>
> I propose longer but more descriptive variant:
> kskroll-sentinel-dnssec-root-trust-anchor-key-trusted-yes-NNN
> kskroll-sentinel-dnssec-root-trust-anchor-key-trusted-no-NNNN
>
> (I imagine that real meaning of name "kskroll-sentinel" will be known by
> dozen people but hunders or thousands people will encounter it in
> tcpdump, so why not make life easier for them. It costs almost nothing...)
>
> Do we have other proposals?
>
> --
> Petr Špaček  @  CZ.NIC
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf

v2.23.0 | Report a Bug | By Email