Re: [DNSOP] draft-ietf-dnsop-dnssec-trust-history - discussion

Jakob Schlyter <jakob@kirei.se> Tue, 21 September 2010 14:57 UTC

On 17 sep 2010, at 12.28, W.C.A. Wijngaards wrote:

> The file is in XML.  It is described in
> http://data.iana.org/root-anchors/draft-icann-dnssec-trust-anchor.txt
> I would like to fix its format, as XML string operations are (in my
> opinion) dangerous - especially for a file someone can force me to parse
> by triggering a validation failure for the root.  It is also in UTF-8,
> that needs unicode conversion?  I really have to have a full XML parser?
> I would assume the file uses the ascii set and no change in linebreaks
> from today.

The file is in XML format and follows the schema from the draft. You should parse this file as XML and not depend on the specific current format/encoding, i.e. new tags and attributes may be added in the future. There are plenty of light-weight XML parsers available and I suggest you try to use one of them instead of rolling your own.

> Also, if I make a special-purpose https. what version of http is
> assumed?  I would assume plain GET, no http stuff, no sslv2.

According to the draft, HTTPS as specified in RFC 2818 (HTTP Over TLS) is used. Checking data.iana.org as of now gives that it will offer TLSv1/SSLv3 with RC4-SHA.


	jakob

-- 
Jakob Schlyter
Kirei AB - www.kirei.se
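
An added example, not part of the message above or of the draft: reading the trust anchor file with a stock XML parser, looking elements up by name so that new tags and attributes are ignored, and refusing DTDs because the file can be forced on a validator. The element and attribute names are assumed from the trust anchor format the draft describes; the sample document and all of its values are constructed.

```python
import xml.etree.ElementTree as ET

MAX_BYTES = 64 * 1024  # assumed cap; a trust anchor file is far smaller

# Constructed sample: values are made up. "Comment" and "note" stand in for
# a tag and an attribute that a future version of the file might add.
# Element names are assumed from the draft's trust anchor format.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<TrustAnchor id="CONSTRUCTED-ID" source="https://example.invalid/root-anchors.xml">
  <Zone>.</Zone>
  <Comment>future element, unknown to this parser</Comment>
  <KeyDigest id="K1" validFrom="2010-07-15T00:00:00+00:00" note="future attribute">
    <KeyTag>12345</KeyTag>
    <Algorithm>8</Algorithm>
    <DigestType>2</DigestType>
    <Digest>00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff</Digest>
  </KeyDigest>
</TrustAnchor>
"""


def parse_trust_anchor(data: bytes) -> list[dict]:
    """Return the DS-style fields of every KeyDigest, ignoring unknown markup."""
    if len(data) > MAX_BYTES:
        raise ValueError("trust anchor file too large")
    text = data.decode("utf-8")  # UnicodeDecodeError (a ValueError) if not UTF-8
    # The format needs no DTD, so refuse one outright (no entity expansion).
    if "<!DOCTYPE" in text:
        raise ValueError("DTD not allowed in trust anchor file")
    root = ET.fromstring(text)  # raises ET.ParseError on malformed XML
    if root.tag != "TrustAnchor" or (root.findtext("Zone") or "").strip() != ".":
        raise ValueError("not a root zone trust anchor")
    anchors = []
    for kd in root.findall("KeyDigest"):  # lookup by name, not by position
        digest = (kd.findtext("Digest") or "").strip()
        if not bytes.fromhex(digest):  # ValueError if not hex, empty rejected
            raise ValueError("empty digest")
        anchors.append({
            "key_tag": int(kd.findtext("KeyTag", "")),
            "algorithm": int(kd.findtext("Algorithm", "")),
            "digest_type": int(kd.findtext("DigestType", "")),
            "digest": digest.upper(),
            "valid_from": kd.get("validFrom"),
            "valid_until": kd.get("validUntil"),  # None when absent
        })
    if not anchors:
        raise ValueError("no KeyDigest elements found")
    return anchors
```

The parsed fields still have to be checked against a signature or an existing trust path before they are used as an anchor; parsing alone establishes nothing about authenticity.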