Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02

Jaap Akkerhuis <jaap@NLnetLabs.nl> Fri, 26 January 2018 17:00 UTC

Return-Path: <jaap@NLnetLabs.nl>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EEAA7126C22 for <dnsop@ietfa.amsl.com>; Fri, 26 Jan 2018 09:00:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kv2LB3Tj2PO4 for <dnsop@ietfa.amsl.com>; Fri, 26 Jan 2018 09:00:36 -0800 (PST)
Received: from bela.nlnetlabs.nl (bela.nlnetlabs.nl [IPv6:2a04:b900::1:0:0:15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 18899126CD8 for <dnsop@ietf.org>; Fri, 26 Jan 2018 09:00:35 -0800 (PST)
Received: from bela.nlnetlabs.nl (localhost [127.0.0.1]) by bela.nlnetlabs.nl (8.15.2/8.15.2) with ESMTPS id w0QH0XEw029938 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for <dnsop@ietf.org>; Fri, 26 Jan 2018 18:00:33 +0100 (CET) (envelope-from jaap@NLnetLabs.nl)
Received: from bela.nlnetlabs.nl (jaap@localhost) by bela.nlnetlabs.nl (8.15.2/8.15.2/Submit) with ESMTP id w0QH0XoV029935 for <dnsop@ietf.org>; Fri, 26 Jan 2018 18:00:33 +0100 (CET) (envelope-from jaap@NLnetLabs.nl)
Message-Id: <201801261700.w0QH0XoV029935@bela.nlnetlabs.nl>
X-Authentication-Warning: bela.nlnetlabs.nl: jaap owned process doing -bs
To: dnsop <dnsop@ietf.org>
From: Jaap Akkerhuis <jaap@NLnetLabs.nl>
In-reply-to: <3eb04472-82f0-9dd9-0922-4e6cd4f825e6@nic.cz>
References: <9DCE2F63-EE37-4865-B9D6-6B79BBE05593@gmail.com> <CAJE_bqcSirZyfr7PKhf=ttMxf=DeMVeJPNPn=R-HS2cH3Z-nPw@mail.gmail.com> <8e69dac2-359b-d528-45e5-05604f4dbf90@nic.cz> <CAJE_bqdeDRmN78dE5VUYDB6y-fXfUK9gSOkjJxszcP0WjjR9dw@mail.gmail.com> <3eb04472-82f0-9dd9-0922-4e6cd4f825e6@nic.cz>
Comments: In-reply-to Petr Špaček <petr.spacek@nic.cz> message dated "Fri, 26 Jan 2018 17:32:33 +0100."
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-ID: <29933.1516986033.1@bela.nlnetlabs.nl>
Content-Transfer-Encoding: 8bit
Date: Fri, 26 Jan 2018 18:00:33 +0100
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.2 (bela.nlnetlabs.nl [127.0.0.1]); Fri, 26 Jan 2018 18:00:33 +0100 (CET)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/dj38R_00qXtty_CVv63LmYCsEyo>
Subject: Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Jan 2018 17:00:38 -0000

 Petr Špaček writes:

 > <SNIP>
 >
 > An example: RFC 4033 clearly states what should be done if result of
 > validation is "Bogus". Nonetheless, Unbound has "val-permissive-mode:
 > yes" which enables admin to pass bogus answers.
 >
Note that the default setting is "val-permissive-mode: no".  It is
just a knob for all those people who want to shoot themselves in
the foot.

	jaap