Re: [DNSOP] [Technical Errata Reported] RFC8078 (5049)

Paul Wouters <paul@nohats.ca> Mon, 26 June 2017 11:27 UTC

Date: Mon, 26 Jun 2017 07:26:58 -0400
From: Paul Wouters <paul@nohats.ca>
To: Jan Včelák <jv@fcelda.cz>
cc: Ólafur Guðmundsson <olafur@cloudflare.com>, tjw.ietf@gmail.com, Matthijs Mekking <matthijs@pletterpet.nl>, Ondřej Caletka <Ondrej.Caletka@cesnet.cz>, IETF DNSOP WG <dnsop@ietf.org>, Dick Franks <rwfranks@acm.org>, suzworldwide@gmail.com, pwouters@redhat.com, bclaise@cisco.com, Olafur Gudmundsson <olafur+ietf@cloudflare.com>, RFC Editor <rfc-editor@rfc-editor.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/hli2eW--fK0tUHutHyDIC43AhlI>

On Mon, 26 Jun 2017, Jan Včelák wrote:

> It is maybe suboptimal that wire format for DS/DNSKEY delete-request
> was not specified in the document.

The reason we did not was that we did not mean to have anything
"special" on either the presentation or the wire format, so there
was no need to specify a wire format. When Matthijs noticed it was
different, we added his disclaimer that the presentation format (and
thus wire format) was different. Once we added the additional zeros,
we were no longer using a different format, so we removed that
disclaimer again. We thought we no longer asked something non-standard.

> The implementers should be careful and avoid the trouble. In this
> sense, I think parent zone should accept both zero-length and one-byte
> long digests/keys as a request to remove the DS.

Yes that seems best. In fact, it could ignore the entire digest field
content when algorithm 0 is found.

And to cross this with another giant ietf-thread, that is a correct
application of the Postel Principle :P

Paul
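
The tolerant parent-side check discussed in this message, as an added example that is not part of the original thread or of any implementation mentioned in it: it classifies CDS/CDNSKEY wire RDATA as a delete request when the algorithm field is 0, ignoring the digest/key bytes. The function names and the sample byte strings are constructed for illustration; DNSSEC validation of the RRset is assumed to happen before this check.

```python
import struct

# Fixed 4-byte RDATA headers (RFC 4034):
#   DS/CDS:         key tag (2), algorithm (1), digest type (1), then digest
#   DNSKEY/CDNSKEY: flags (2), protocol (1), algorithm (1), then public key
_ALG_INDEX = {"CDS": 1, "CDNSKEY": 2}  # position of algorithm in the unpacked header


def split_rdata(rrtype: str, rdata: bytes):
    """Return (algorithm, variable_part) for CDS or CDNSKEY wire RDATA."""
    if rrtype not in _ALG_INDEX:
        raise ValueError(f"unsupported type {rrtype!r}")
    if len(rdata) < 4:
        raise ValueError("RDATA shorter than the 4-byte fixed header")
    fields = struct.unpack("!HBB", rdata[:4])
    return fields[_ALG_INDEX[rrtype]], rdata[4:]


def is_delete_request(rrtype: str, rdata: bytes, lenient: bool = True) -> bool:
    """Classify RDATA as a DS delete request.

    lenient=True  : algorithm 0 is enough; the digest/key field is ignored,
                    so zero-length and one-byte forms are both accepted.
    lenient=False : additionally require the single zero byte.
    """
    algorithm, body = split_rdata(rrtype, rdata)
    if algorithm != 0:
        return False
    return True if lenient else body == b"\x00"


# Constructed sample RDATA (hex), not captured from any real zone.
CDS_ONE_BYTE = bytes.fromhex("0000000000")      # 0 0 0 + one zero byte
CDS_ZERO_LEN = bytes.fromhex("00000000")        # 0 0 0 + empty digest
CDNSKEY_ONE_BYTE = bytes.fromhex("0000030000")  # 0 3 0 + one zero byte
CDS_ORDINARY = struct.pack("!HBB", 12345, 13, 2) + bytes(range(32))

if __name__ == "__main__":
    for name, rrtype, rdata in [
        ("CDS one-byte", "CDS", CDS_ONE_BYTE),
        ("CDS zero-length", "CDS", CDS_ZERO_LEN),
        ("CDNSKEY one-byte", "CDNSKEY", CDNSKEY_ONE_BYTE),
        ("CDS ordinary", "CDS", CDS_ORDINARY),
    ]:
        print(name, is_delete_request(rrtype, rdata),
              is_delete_request(rrtype, rdata, lenient=False))
```

Because removing the DS turns off validation for the child, the lenient match should only be acted on for an RRset that already validates under the child's current chain of trust.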