Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-negative-trust-anchors

神明達哉 <jinmei@wide.ad.jp> Mon, 11 May 2015 16:05 UTC

MIME-Version: 1.0
Sender: jinmei.tatuya@gmail.com
In-Reply-To: <CAHw9_iLbx_soi1+LaSwMKarLcT1kBCrFdaX8diwMVZp70KeePA@mail.gmail.com>
References: <553EBF02.3050703@gmail.com> <CAJE_bqc-T75k3sQZKtAF1VHp49biGn+Es5v5FivNSz5e3oB-Cg@mail.gmail.com> <CAHw9_iL9RLp0jynT0m_D6dGZYhmdonvBC-5ifTdB63eh5gvBeg@mail.gmail.com> <CAJE_bqesFPG6d3UsFmtFRjUBQqfifHkaBMR0sXAaNKuN10HL4A@mail.gmail.com> <CAHw9_iLbx_soi1+LaSwMKarLcT1kBCrFdaX8diwMVZp70KeePA@mail.gmail.com>
Date: Mon, 11 May 2015 09:05:12 -0700
Message-ID: <CAJE_bqeUeuRnFAkq-=ZSCwX62=z2QDQ=gG7Yq88dmrf72g5N5g@mail.gmail.com>
From: 神明達哉 <jinmei@wide.ad.jp>
To: Warren Kumari <warren@kumari.net>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/anyj85wiNgBWWKRkQVx81jFmMBs>
Cc: Tim Wicinski <tjw.ietf@gmail.com>, dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-negative-trust-anchors
Precedence: list

At Sat, 9 May 2015 15:08:11 +0200,
Warren Kumari <warren@kumari.net> wrote:

> > 1. In my very original comment on this matter:
> >    www.ietf.org/mail-archive/web/dnsop/current/msg12614.html
> >    I noted one other corner case, which we might also want to clarify:
> >      On a related note, there are some corner cases which may also be
> >      worth noting: queries for DS or DLV (or anything similar to that).
> >      So, for example, zone1.example.com/DS should still be validated even
> >      if there's an NTA for zone1.example.com.  Again, this might sound
> >      obvious, but I think it's worthwhile.
>
> I have spent some time trying to figure out some text that explains
> this without becoming really complex and wordy. If anyone has some
> text that they would be willing to send I'd appreciate it...

I didn't think we'd need wordy text to explain this, but I wouldn't be
opposed to omitting this topic from this document.  In practice, it
wouldn't matter much whether we validate zone1.example.com/DS in the
example case since everything else on and under zone1.example.com
won't be validated anyway.

--
JINMEI, Tatuya

[DNSOP] Working Group Last Call for draft-ietf-dn… Tim Wicinski
Re: [DNSOP] Working Group Last Call for draft-iet… Olafur Gudmundsson
Re: [DNSOP] Working Group Last Call for draft-iet… 神明達哉
Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
Re: [DNSOP] Working Group Last Call for draft-iet… Evan Hunt
Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
Re: [DNSOP] Working Group Last Call for draft-iet… Paul Hoffman
Re: [DNSOP] Working Group Last Call for draft-iet… Rose, Scott W.
Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
Re: [DNSOP] Working Group Last Call for draft-iet… Dan York
Re: [DNSOP] Working Group Last Call for draft-iet… 神明達哉
Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
Re: [DNSOP] Working Group Last Call for draft-iet… Paul Hoffman
Re: [DNSOP] Working Group Last Call for draft-iet… Paul Hoffman
Re: [DNSOP] Working Group Last Call for draft-iet… Evan Hunt
Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
Re: [DNSOP] Working Group Last Call for draft-iet… 神明達哉
Re: [DNSOP] Working Group Last Call for draft-iet… 神明達哉
Re: [DNSOP] Working Group Last Call for draft-iet… Bob Harold
Re: [DNSOP] Working Group Last Call for draft-iet… Evan Hunt
Re: [DNSOP] Working Group Last Call for draft-iet… Evan Hunt
Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
Re: [DNSOP] Working Group Last Call for draft-iet… Ralf Weber
Re: [DNSOP] Working Group Last Call for draft-iet… Evan Hunt
Re: [DNSOP] Working Group Last Call for draft-iet… Warren Kumari
Re: [DNSOP] Working Group Last Call for draft-iet… 神明達哉