IETF Logo Mail Archive

Re: [DNSOP] [IANA #1362913] expert review for draft-ietf-dnsop-dnssec-bootstrapping (dns-parameters)

"Rose, Scott W. (Fed)" <scott.rose@nist.gov> Mon, 22 April 2024 11:41 UTC

Return-Path: <scott.rose@nist.gov>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E4DD8C14F71A for <dnsop@ietfa.amsl.com>; Mon, 22 Apr 2024 04:41:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.147
X-Spam-Level:
X-Spam-Status: No, score=-10.147 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-2.049, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FROM_GOV_DKIM_AU=-0.999, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nist.gov
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id psU-EHtSrrSD for <dnsop@ietfa.amsl.com>; Mon, 22 Apr 2024 04:41:47 -0700 (PDT)
Received: from GCC02-DM3-obe.outbound.protection.outlook.com (mail-dm3gcc02on2042.outbound.protection.outlook.com [40.107.91.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 271E8C14F694 for <dnsop@ietf.org>; Mon, 22 Apr 2024 04:41:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jb+MU07VFYqdAOkKotrMzGTlNwJX/ToKpTk9iqR+vqgHlZHxbymYp27kowLsrg5jTfOJuoVbVx3yHCzvwOCEgCRkkopn7q0wWAV+6zorOO0GW9AgdupHod3meuqvIXczsUBbK1My4u5o2Y0KnguRU1we6vnYQX9me8w+QDNTPTqrb0pA3dUzJOfzdNNZit26I2twH/XT6rAGkqDN5YG6p96H5arCkFmXlS4Ctcj44U+PyvYOjbm9ZhsNOKzpmdMeYBMIMJ1V501e6rhVJ2rmCaul7JyUkhHjzAu98MO5OT7tn8oQ/9Pk0P3I7CE8eZ6R0CV9cq7xxRT3o2dFTMjuhw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9wutiIJX6MEjK9dU7fQi9v+jFM2AWqdzCWxJ4/BGQgo=; b=Z6SfgIBXlKpxxysPuES2Iq25AP39D7SiQZQELS/QqmNuTgpANr0EPI8EOYzEWfUalxhgKXVgvpmIvbBlZgYvXK41sZiyiWMa5t91T+QxsfQ172rX5Wsc5+3EiUnqOHCdtEppm+da2kEW0DwK3EgK9lbE1DUryUeazwV8PHxQuxAJ6dwdfBnCnZLTsFF9yW4TU0LcWYQLQF6KsehWrkxbwV9P7yC8VJGrtLPkMl/nIN20iABbhoJBZbcurJK7QmCx/TLf4aPXo/5IPUO4iDxeN4tfmd1p3MrCkT4JzjHJkOjWkth6CuyOvIpaUcV8LAPuwOCrxUXXvIwU+auIQMA1ng==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 129.6.16.77) smtp.rcpttodomain=ietf.org smtp.mailfrom=nist.gov; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nist.gov; dkim=none (message not signed); arc=none (0)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nist.gov; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9wutiIJX6MEjK9dU7fQi9v+jFM2AWqdzCWxJ4/BGQgo=; b=JJuAq1kJxPy/qf2JuneQteHSGodlFTNyva580hdfmRCSx0gGvYPjzugw/AE4uu1jlNk6Tn8kF1SdbrII3d42LYKXhA9x6A5A52D779LsmJ9iqhEsvNGbGW8AX3e6+XTbvX3etaMY1l3pDI+BzmejtgQomc5u0YcOPgyKG7aQMiJhqt5/60HoxOBQkAWVLxCP8i1sd0Hgf/uXUlRSViGt1e93e4FlcbW230wNA+Aj4XOvin5puiDS26WUev6+hnlR7jrmXyHdsq59NGgBaHxiX/8GR9I+WlIiApaaQZTOSGdpPJN7FCNWHT/GsYBmwinYYEkrZ+Nxq2vQ7h1TS2+Myw==
Received: from CYXPR09CA0004.namprd09.prod.outlook.com (2603:10b6:930:d4::13) by PH8PR09MB10157.namprd09.prod.outlook.com (2603:10b6:510:182::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.44; Mon, 22 Apr 2024 11:41:43 +0000
Received: from DS1PEPF00017E07.namprd09.prod.outlook.com (2603:10b6:930:d4:cafe::65) by CYXPR09CA0004.outlook.office365.com (2603:10b6:930:d4::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7495.33 via Frontend Transport; Mon, 22 Apr 2024 11:41:43 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 129.6.16.77) smtp.mailfrom=nist.gov; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nist.gov;
Received-SPF: Pass (protection.outlook.com: domain of nist.gov designates 129.6.16.77 as permitted sender) receiver=protection.outlook.com; client-ip=129.6.16.77; helo=smtp2.nist.gov; pr=C
Received: from smtp2.nist.gov (129.6.16.77) by DS1PEPF00017E07.mail.protection.outlook.com (10.167.18.164) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.19 via Frontend Transport; Mon, 22 Apr 2024 11:41:43 +0000
Received: from [129.6.109.151] ([129.6.109.151]) by smtp2.nist.gov with Microsoft SMTPSVC(10.0.14393.4169); Mon, 22 Apr 2024 07:41:42 -0400
From: "Rose, Scott W. (Fed)" <scott.rose@nist.gov>
To: Paul Wouters <paul@nohats.ca>
Cc: Peter Thomassen <peter@desec.io>, drafts-expert-review-comment@iana.org, nils@desec.io, dnsop@ietf.org, Oli Schacher <oli.schacher@switch.ch>, Q Misell <q@as207960.net>, Christian Elmerot <christian@elmerot.se>, Daniel Salzman <daniel.salzman@nic.cz>
Date: Mon, 22 Apr 2024 07:41:42 -0400
X-Mailer: MailMate (1.14r5937)
Message-ID: <F21226BA-266A-4BF8-AD17-0D908B10AC54@nist.gov>
In-Reply-To: <94ea3a71-6c1c-10af-a71f-7cee34e8d0d4@nohats.ca>
References: <rt-5.0.3-225992-1713566832-1739.1362913-9-0@icann.org> <647558F8-2FEF-4418-AE1C-3BDC3B22A89B@nohats.ca> <1cb4663f-9502-47db-a099-ce5147bb733e@desec.io> <94ea3a71-6c1c-10af-a71f-7cee34e8d0d4@nohats.ca>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-OriginalArrivalTime: 22 Apr 2024 11:41:42.0450 (UTC) FILETIME=[0BD1C920:01DA94AA]
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DS1PEPF00017E07:EE_|PH8PR09MB10157:EE_
X-MS-Office365-Filtering-Correlation-Id: 4bae47ca-5898-4b3e-e546-08dc62c12eaa
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: IBdRclxbqWTnDsJporxLHzxQEC8OYGgCBaXQMtuTgMgju97V9wYJDsOB+DyYlAD/DbJVQG9xMNTYVwjnCp/sG+kRO4kXRbj2rjbLPjN4Nz1qRjPctZavZkkOeTe5Mjc6iD54cHq6wYjHKza3gdcXx8cYDG98VlrNzOz0ByyTFLRVq/uhFP0/HZgdXiEvzSPxVegAa4mJBGQO7grpPv+clEgEarM6A44yLiXzZtlnlS5fXcxbk/Qxl+Ge3niNpPELjaGlf7pLz2bJC4H5junPT6GjM1ZK2Bovkwol5wJfeLeol1tZxE2HUCOps/1m+MKw/zLou5bXA8VQJcj0aLq6t25ukTVlt47aQBBUmYPgzaPmB4RJXZ81GGmSJmzYs0iRNPnXH1fMulGI/BXCJnwVZP+uTmReZLaE5B5tnDwd6W1hLLf7jbKGpHHbTywdLLxIIDHdFd1eRCdYM8XkurXESRYXU5ifz2bB0xcj6+hjs84Ejy5zX1PWJdSOZc+FgPL8UyclavuyZWmSafWbM+dF4ozaOvHOxcucYi+p2xT4VJB/1UvJAMkv/GdxutIGxwyFM7jpdnvTJDtu0e+XdeGm/iRF+k8dM0X5WWz4d8tBFuQjLYRpwcrgl6fyaJov3d/DJGXk2IMesLoou7vAtJFTN+eguK5jzABAQL0upC3eof4NcEbbMhQpkW98eSL82nS7p311TV+lkWTQWbb7qc+Ojp6dszO+pCLQ95DUlwqEWwzmqwjQFO5F3loqSadm+c6z16HnzXI9pXHF1PwQ3TCDN0j4bs+paGfRskov/f8UpdxwI+oKGy8F2/ZqN5RxTq+zU7uB2hWiACNVO5eKzw7JxWIo4lt9JOse7MUb9mXsAwYfTJgKtEKBYlsTf3x7fLDyrvAoJy/2bWRsZ+ljcveKmyXtitaI1RBjHcvSJvuexqb85b9Z/Ula1KKIf8pXhPDQQZGHKLf1lr80UrJfexGjajnJAukZIsojHOQ1mGYUVuG7Y5t9wkaTJ5Wk6lmR+r/czlRnTU8/E9ZBO2lLFXiJwNQKDOyu6GthuXEdOcClPsI7HT9X/6wB/CLadH/0OhoBqkeW/X9NcopC1vptwPS43HTgIUkhzSq2gK+SY19MVnWrhPzZ+BQDQLgyK4E2OmDUAI4fyWv9+vpvn4xW8S3a9UVJ2nImClOBFqyQIyhaCoDiQIZMJ9qF/mc0ooKHKNJiY3bLZZNV9gJCamFjti7l8YtJ69wPScnFqu2GQwpRr3u77pDb6Q1f2ThPQcUPIdyDTVQ3+vSnTjKlUhHz33JzV3+SkzCxQ84a3/TlA2ifdPw0p5JW7TfFohDv3Hs5rvwgcXEQE1LTC76xN22nV80hYW9FuXVxOmwmZ1Je4C2hUvfKYsak/xaNEB659JFXUKvI
X-Forefront-Antispam-Report: CIP:129.6.16.77; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:smtp2.nist.gov; PTR:smtp2.nist.gov; CAT:NONE; SFS:(13230031)(1800799015)(36860700004)(82310400014); DIR:OUT; SFP:1101;
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Apr 2024 11:41:43.0304 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 4bae47ca-5898-4b3e-e546-08dc62c12eaa
X-MS-Exchange-CrossTenant-Id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=2ab5d82f-d8fa-4797-a93e-054655c61dec; Ip=[129.6.16.77]; Helo=[smtp2.nist.gov]
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: TreatMessagesAsInternal-DS1PEPF00017E07.namprd09.prod.outlook.com
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR09MB10157
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/kimkqnh85YUrN2nxcG7cFXXTR9A>
Subject: Re: [DNSOP] [IANA #1362913] expert review for draft-ietf-dnsop-dnssec-bootstrapping (dns-parameters)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Apr 2024 11:41:51 -0000

On 20 Apr 2024, at 19:38, Paul Wouters wrote:

> On Sat, 20 Apr 2024, Peter Thomassen wrote:
>
>> The authors certainly don't insist, but we'd need to pick a suitable replacement for the "_signal" label.
>>
>> John proposed "_dnssec-signal" elsewhere in this thread.
>>
>> The authors would like to note that adding "_dnssec-" eats up 8 more bytes, increasing chances that bootstrapping will fail due to the _dsboot.<domain-name>._dnssec-signal.<nsname> length limitation. Other than this (unnecessary?) use case narrowing, this choice seems fine.
>>
>> That said, does this choice address your concerns?
>
> It would, but I would also be okay if it is just _dnssec.
>

If the concern is that the label is too generic, “_dnssec” might be too generic as well. If it is to be more precise, go with _ds-boot or something more specific to the use case. I don’t have an implementation in the mix, so it this isn’t a strong opinion.   If the group agrees _dnssec is fine, then I am fine with it too.

Scott

=====================================
Scott Rose
NIST/CTL/WND
scott.rose@nist.gov
ph: 301-975-8439
GoogleVoice: 571-249-3671
=====================================

v2.31.3 | Report a Bug | By Email | System Status