Re: [DNSOP] Fwd: I-D Action: draft-toorop-dnsop-ranking-dns-data-00.txt

"Wessels, Duane" <dwessels@verisign.com> Wed, 06 March 2024 21:06 UTC

From: "Wessels, Duane" <dwessels@verisign.com>
To: DNSOP Working Group <dnsop@ietf.org>
Date: Wed, 06 Mar 2024 21:06:37 +0000
Message-ID: <09579567-A438-465D-9AC8-13A5756BD0ED@verisign.com>
References: <57517c17-fa72-4180-a1ac-b74eac12ca88@NLnetLabs.nl>
In-Reply-To: <57517c17-fa72-4180-a1ac-b74eac12ca88@NLnetLabs.nl>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/hVf6usdzjbIy2703zc7IjuQcUus>

Hi, some initial thoughts:

RFC 2181 says “Data from a zone transfer, other than glue” but this draft doesn’t make any exceptions for glue or non-authoritative data from a zone transfer.  Is that intentional?

Should RFC 8767 stale data be ranked differently than fresh data?

Should EDNS Client Subnet play into ranking?

DW




> On Mar 4, 2024, at 6:37 PM, Benno Overeinder <benno@nlnetlabs.nl> wrote:
> 
> -------- Forwarded Message --------
> Subject: I-D Action: draft-toorop-dnsop-ranking-dns-data-00.txt
> Date: Mon, 04 Mar 2024 13:12:26 -0800
> From: internet-drafts@ietf.org
> To: i-d-announce@ietf.org
> 
> Internet-Draft draft-toorop-dnsop-ranking-dns-data-00.txt is now available.
> 
>   Title:   Ranking Domain Name System data
>   Authors: Paul Hoffman
>            Shumon Huque
>            Willem Toorop
>   Name:    draft-toorop-dnsop-ranking-dns-data-00.txt
>   Pages:   4
>   Dates:   2024-03-04
> 
> Abstract:
> 
>   This document extends the list ranking the trustworthiness of domain
>   name system (DNS) data (see Section 5.4.1 of [RFC2181]).  The list is
>   extended with entries for root server names and addresses built-in
>   resolvers, and provided via a root hints file with the lowest
>   trustworthiness, as well as an entry for data which is verifiable
>   DNSSEC secure with the highest trustworthiness.  This document
>   furthermore assigns ranked values to the positions of the list for
>   easier reference and comparison of trustworthiness of DNS data.
> 
> The IETF datatracker status page for this Internet-Draft is:
> https://datatracker.ietf.org/doc/draft-toorop-dnsop-ranking-dns-data/
> 
> There is also an HTMLized version available at:
> https://datatracker.ietf.org/doc/html/draft-toorop-dnsop-ranking-dns-data-00
> 
> Internet-Drafts are also available by rsync at:
> rsync.ietf.org::internet-drafts
> 