Re: [DNSOP] Publication has been requested for draft-ietf-dnsop-rfc5011-security-considerations-12
Michael StJohns <msj@nthpermutation.com> Sat, 07 July 2018 01:08 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/cM0jrDvS601DYipGSRHEzsH4P0Q>
On 7/6/2018 8:13 PM, Tim Wicinski wrote:
> Tim Wicinski has requested publication of draft-ietf-dnsop-rfc5011-security-considerations-12 as Proposed Standard on behalf of the DNSOP working group.
>
> Please verify the document's state at https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc5011-security-considerations/
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop

*sigh*

Point of order: Did I miss the final WGLC on this after this last version was published? I can't actually find anything in the DNSOP archives and I don't remember seeing the call. So I'm suggesting that we've missed a required stage.

With respect to the shepherd's writeup:

1) The first reference in the shepherd's write-up is wrong - it's pointing to a whole other set of discussions related to Joe Abley's ideas.

2) The second reference isn't representative of the actual discussion, but only shows the point at which I got worn down. Please include a reference that actually shows the attempts to try and resolve my issues.

3) This document should not be a Proposed Standard as it documents nothing implementable (that is nothing implementable in a computer), but is operational guidance for the publication process.

4) Is it usual for the WG chair to write the shepherd's report? Specifically, it seems a conflict of interest for items (3)-(6).

5) The technical summary is misleading. This is not an update to 5011, but guidance to the zone publisher who may have not understood the implications of operational choices (e.g. steady state single trust anchor vs 5011's recommendation of multiple trust anchors). E.g. "RFC5011 DNSSEC Key Rollover Strategy" isn't a document referenced by this document, and that would be the document that would be in need of an update.

6) Same comment - it's not an update to the 5011 timers, but to the understanding of the publishers of such zones that use 5011.

7) Please include references of the emails of the "root server community" review - AFAICT, Ed Lewis was the only one to comment on the list and the last comment was last year.

Mike