Re: [DNSOP] I-D Action: draft-huston-kskroll-sentinel-04.txt

Joe Abley <jabley@hopcount.ca> Wed, 31 January 2018 03:40 UTC

Return-Path: <jabley@hopcount.ca>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DED5912FAA6 for <dnsop@ietfa.amsl.com>; Tue, 30 Jan 2018 19:40:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=hopcount.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yi7Sdu4wdhLp for <dnsop@ietfa.amsl.com>; Tue, 30 Jan 2018 19:40:26 -0800 (PST)
Received: from mail-yw0-x233.google.com (mail-yw0-x233.google.com [IPv6:2607:f8b0:4002:c05::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 09F56131950 for <dnsop@ietf.org>; Tue, 30 Jan 2018 19:40:15 -0800 (PST)
Received: by mail-yw0-x233.google.com with SMTP id m84so6496282ywd.5 for <dnsop@ietf.org>; Tue, 30 Jan 2018 19:40:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hopcount.ca; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ej3H4Sy8VQnaaqKvPtMR0G3Kk3/p+Cc4p6GappLM1jg=; b=VT6pNGhmOcjfV15zhXt0QEZv0D/Yzeaf/wWjGF2C9ApfWnbWMI6xGpIXcJd4DQ4jj6 l1Zn51BtJPO0WwWfJINmUvELPDG6NWiTmqAFh4A6VQh5tWQuHQSCo6F0jqnNyTq3Q1oB /tPd1Xr0oB6Fd1y0fnsjc6o+5b2cdqfRnTGGw=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ej3H4Sy8VQnaaqKvPtMR0G3Kk3/p+Cc4p6GappLM1jg=; b=db4l3xu03Nb8wWU3X6pVYMKHERZYQIYPzx6bWpHiqVU3Xemp6E5k8n619+Mwep3f9G xfGGmxuiMmvN26f5mn0W5Q74e3QjnArY9UckTrelXv6u3H8nIGbegR9jUYLXAdDmSyg0 C2T7I1ZjwuoPwO2B64+EaILQ0JPmk5uf0k8Na8UNaHTkZL3EipgnJL+wsel3y796QJSu 9wPYFVRTmtiX8770zyfgGFXVd/qggw4vFQEn3uYMWFY1ww7E9cxBt/EJvf6g5qU/EGVG X9x3h4YfrS1nfCqTsNUp3Ve6NUmwexaM44XwCOmigbNoUbRYLYjEPIIkXOZiIp7AuTOb BCvA==
X-Gm-Message-State: AKwxytdxyG/0ZjM2onIaajH4tGgRPQ17e/MeESbZn2cL+8HdQ/tvS2ti cSz0vma78BzIYxmpdoBiuknTIESYraQ=
X-Google-Smtp-Source: AH8x226VL9fJouxe/C5vmbyvRmnluNiekGxlkBaR+a1gpLGC5vBeYlnzl7K/DW5g4iZosEEUm/J/WA==
X-Received: by 10.37.54.32 with SMTP id d32mr21543502yba.389.1517370013942; Tue, 30 Jan 2018 19:40:13 -0800 (PST)
Received: from ?IPv6:2607:f2c0:101:3:d51:8727:f42c:3234? (node-131dv31shbd82z78l0.ipv6.teksavvy.com. [2607:f2c0:101:3:d51:8727:f42c:3234]) by smtp.gmail.com with ESMTPSA id s13sm1355848ywa.94.2018.01.30.19.40.11 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 30 Jan 2018 19:40:12 -0800 (PST)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (1.0)
From: Joe Abley <jabley@hopcount.ca>
X-Mailer: iPad Mail (15D60)
In-Reply-To: <CAKr6gn28-4zEw3vvGsPg51bydCmHmTqUi5aOspNxgZn9r5mBrg@mail.gmail.com>
Date: Tue, 30 Jan 2018 22:40:11 -0500
Cc: Paul Hoffman <paul.hoffman@vpnc.org>, dnsop WG <dnsop@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <7A80802E-69A3-40FD-A6F5-497A0EA9BC4A@hopcount.ca>
References: <151062636258.5917.14497839377888768972@ietfa.amsl.com> <20180128080134.24987d69@titan.int.futz.org> <CAHw9_iLDid5-3JJ5gffdsR_PMCAEwwxB3i7ORLiBVtKwmt0khQ@mail.gmail.com> <20180129233755.3697ee79@grisu.home.partim.org> <20180130152459.GE18485@mx4.yitter.info> <9787FD03-4E91-46DC-92E0-85513D6A9B40@hopcount.ca> <20180130185128.GI19193@mx4.yitter.info> <CAKr6gn0LSjtJL_zci1i=aUYq6bd7vDos_QfiEiS=W0kygXS_MQ@mail.gmail.com> <CAHw9_iJObyd4KPL9BsnARDCf-qaS_eYCMuWnn0SV+10OeYzgoQ@mail.gmail.com> <344C35F8-30C0-4705-8B96-A8E07FDCC34C@vpnc.org> <CAKr6gn28-4zEw3vvGsPg51bydCmHmTqUi5aOspNxgZn9r5mBrg@mail.gmail.com>
To: George Michaelson <ggm@algebras.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/kkftK0KDrtOZfRelpTmPrsw8QBU>
Subject: Re: [DNSOP] I-D Action: draft-huston-kskroll-sentinel-04.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Jan 2018 03:40:28 -0000

Hi George,

On Jan 30, 2018, at 21:49, George Michaelson <ggm@algebras.org> wrote:

>> The problem you hit was in BIND. To get around it, you simply add "check-names master warn;" to the options.
> 
> And with this.. he was good again. So, modulo the implementation
> cost/consequence, I'm good here.
> 
> But, if this is detail, then I'm back at 10,000ft: noting the IETF is
> all about detail, are we mostly good here?
> 
> Because.. I really want this closed off.

I like it, and I am keen for it to be implemented. I dislike Warren's compromise on xm-- for all the reasons Paul mentioned (but also "oh my god no, please no" just on general principles). I would like it to proceed so we can see the kind of swift implementation that will teach us something about the DNS.

I made a comment some time ago in response to someone's (Warren's again, I think, but I'm not sure) observed confusion in others about the draft. I recall that I suggested that the draft include some explicit advice for all the various actors here (resolver implementers, zone managers) so that it was more clear who was doing what.

I'm stil willing to contribute text if anybody cares, since I seem to remember feeling correct about that observation, and I don't *think* I have noticed a rev of the draft since then, but I also didn't notice any other people say anything like that and I'm perfectly willing to be overwhelmed by the silent majority or to have a more recent revision pointed out to me with the patience normally reserved for the young and the dangerously insane.


Joe