Re: [DNSOP] Alissa Cooper's No Objection on draft-ietf-dnsop-negative-trust-anchors-10: (with COMMENT)

"Livingood, Jason" <Jason_Livingood@cable.comcast.com> Mon, 13 July 2015 18:54 UTC

Return-Path: <Jason_Livingood@cable.comcast.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 361CF1B2D28; Mon, 13 Jul 2015 11:54:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.225
X-Spam-Level:
X-Spam-Status: No, score=0.225 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tbzwpBeBYlLW; Mon, 13 Jul 2015 11:54:13 -0700 (PDT)
Received: from pacdcmhout01.cable.comcast.com (PACDCMHOUT01.cable.comcast.com [68.87.31.167]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0E8D51B2D37; Mon, 13 Jul 2015 11:54:09 -0700 (PDT)
X-AuditID: 44571fa7-f796a6d000005411-85-55a4094e0ea7
Received: from PACDCEXHUB01.cable.comcast.com (dlpemail-wc-5p.sys.comcast.net [24.40.13.176]) (using TLS with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by pacdcmhout01.cable.comcast.com (SMTP Gateway) with SMTP id 5C.03.21521.E4904A55; Mon, 13 Jul 2015 14:54:08 -0400 (EDT)
Received: from VAADCEX34.cable.comcast.com (147.191.103.211) by PACDCEXHUB01.cable.comcast.com (24.40.56.114) with Microsoft SMTP Server (TLS) id 14.3.181.6; Mon, 13 Jul 2015 14:53:31 -0400
Received: from VAADCEX39.cable.comcast.com (147.191.103.216) by VAADCEX34.cable.comcast.com (147.191.103.211) with Microsoft SMTP Server (TLS) id 15.0.1044.25; Mon, 13 Jul 2015 14:53:30 -0400
Received: from VAADCEX39.cable.comcast.com ([fe80::3aea:a7ff:fe12:37f4]) by VAADCEX39.cable.comcast.com ([fe80::3aea:a7ff:fe12:37f4%19]) with mapi id 15.00.1044.021; Mon, 13 Jul 2015 14:53:30 -0400
From: "Livingood, Jason" <Jason_Livingood@cable.comcast.com>
To: Evan Hunt <each@isc.org>, Olafur Gudmundsson <olafur@cloudflare.com>
Thread-Topic: [DNSOP] Alissa Cooper's No Objection on draft-ietf-dnsop-negative-trust-anchors-10: (with COMMENT)
Thread-Index: AQHQudD9fYPbJU0evkq6ku7AUo2Yi53SopiAgAAWpwCAAKskAIAAIwuAgAAHggCABjfWAA==
Date: Mon, 13 Jul 2015 18:53:30 +0000
Message-ID: <D1C980E4.10A959%jason_livingood@cable.comcast.com>
References: <20150708225400.20543.78092.idtracker@ietfa.amsl.com> <CAHw9_iJ9LPDhhdDby4QW6K354P7rEuxOjTbAVdSmd2td7AAJnw@mail.gmail.com> <20150709031114.GA78479@isc.org> <16533673-B804-4F47-9427-3D2701E66344@gmail.com> <CAN6NTqwSqg0Y3_fPuM9Xs3OQ9gi2QuJUaBWXjGuRmbs01_M-Rw@mail.gmail.com> <20150709155604.GA89001@isc.org>
In-Reply-To: <20150709155604.GA89001@isc.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.4.8.150116
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [68.87.29.11]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <38EBF634851FEF41A6A2F1CF60AFC1F7@cable.comcast.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Forward
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrDKsWRmVeSWpSXmKPExsUiocG7QTeAc0mowfzLUhbTz/xltHizfRKL xd03l1ks/swSsvjRcBHIm9TGarFkipjFjD8TmS0Wb97IYtE0ZRqrxbS2zcwO3B4fZ09g8/jy 5CWTx85Zd9k9liz5yeTx4PE75gDWKC6blNSczLLUIn27BK6MhafusRc8Z6m4uFa6gfEZcxcj J4eEgInEsgfnWSFsMYkL99azdTFycQgJbGOSaGn5yQjhHGSUWLP5AROEc5hRYuLXuewQzklG iZZzvYwg/WwCNhLTtx0Fmysi4CHR9u8KWAezwAYWid9d28CWCAsUSlw4+JwFoqhIYtLHlUA2 B5AdJjHhbgyIySKgKrFmkhJIBa+AvcTnngNQJ51gkjj4+QcbSIJTQFfizvQXTCA2I9Dd30+t AbOZBcQlbj2ZzwTxj4DEkj3nof4UlXj5+B/YCaICehKHZn1kgYgbSGxdug/sBAkBeYmPc6HG 6Egs2P2JDcJ2kDhyoo0dwtaWWLbwNTPEbYISJ2c+ARsjBDTy0q7L7BAjxSUOH9nBOoFRdhaS i2YhGTsLydhZSMbOQjJ2ASPrKka5gsTklOTcjPzSEgNDveTEpJxUveT83OTE4hIQvYkRmIZc wuWX72C898LpEKMAB6MSD++rK4tDhVgTy4orcw8xSnAwK4nwzr0LFOJNSaysSi3Kjy8qzUkt PsQozcGiJM7bzLokVEggPbEkNTs1tSC1CCbLxMEp1cC4SmW7TqFIpYZfhkOSfWePB3cX65sz n8s1mIVul09xZRWeUOf5zTht0Ym81DVtz9d0i6zt3fR6tfaTD7ImYjr/r1Wt4tUJyf46d6k3 57LfFbz1s84tmSkv2SR62Hl3lQCXmlQ3Y+88nX698hLt20t0og/rbbqynd8v4+3+V4fd5/0L KHJ8k6PEUpyRaKjFXFScCAArhIGzPwMAAA==
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/jEitSE6iTunhqGFKNg_GXPBln9Q>
Cc: Tim Wicinski <tjw.ietf@gmail.com>, "draft-ietf-dnsop-negative-trust-anchors.ad@ietf.org" <draft-ietf-dnsop-negative-trust-anchors.ad@ietf.org>, "dnsop-chairs@ietf.org" <dnsop-chairs@ietf.org>, dnsop <dnsop@ietf.org>, Alissa Cooper <alissa@cooperw.in>, Suzanne Woolf <suzworldwide@gmail.com>, The IESG <iesg@ietf.org>, "draft-ietf-dnsop-negative-trust-anchors.shepherd@ietf.org" <draft-ietf-dnsop-negative-trust-anchors.shepherd@ietf.org>, "draft-ietf-dnsop-negative-trust-anchors@ietf.org" <draft-ietf-dnsop-negative-trust-anchors@ietf.org>
Subject: Re: [DNSOP] Alissa Cooper's No Objection on draft-ietf-dnsop-negative-trust-anchors-10: (with COMMENT)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jul 2015 18:54:14 -0000

On 7/9/15, 11:56 AM, "Evan Hunt" <each@isc.org> wrote:
>Valid point. When the NTA for a name expires, the cached data at and
>below that name can also be discarded, so TTLs aren't a major concern
>when the cache and the validator are coresident,

Yeah, in my experience when we remove a NTA we do a cache flush for that
zone at the same time. But it is all highly variable based on the
situation. I think mandating a max time for a NTA gives us the illusion of
control when the reality is that some judgement tends to be required in
this and many other operational matters. Such is life. ;-)

- Jason