IETF Logo Mail Archive

[DNSOP] further problems with draft-ietf-dnsop-kskroll-sentinel-09

Geoff Huston <gih@apnic.net> Tue, 27 March 2018 23:28 UTC

Return-Path: <gih@apnic.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE3C7124B18 for <dnsop@ietfa.amsl.com>; Tue, 27 Mar 2018 16:28:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=apnic.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pdzsrQygInQb for <dnsop@ietfa.amsl.com>; Tue, 27 Mar 2018 16:28:46 -0700 (PDT)
Received: from APC01-SG2-obe.outbound.protection.outlook.com (mail-sg2apc01on0051.outbound.protection.outlook.com [104.47.125.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C77FA1200C1 for <dnsop@ietf.org>; Tue, 27 Mar 2018 16:28:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apnic.onmicrosoft.com; s=selector1-apnic-net; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=AHLMFpbGBLnO7xqTY+Is+/UOTt7vDoGD5QBNAwQxTNo=; b=dyn0gs6Aw1DKZSRKT5xdDgSfTuhubWMNgemMuZWv8lsk/eyz7XMnv4isKZ0qWjyjEzooGJOObfrVk3ZbbVV/lgNjOUb2dcEgprAVZWEnl0klgBvk5N/YtfEGSUeRD4m4G7xSOjuLqUSIefL9J1SsVWlte5waqPO6n7TCGCT6LfU=
Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=gih@apnic.net;
Received: from [IPv6:2001:388:1000:110:6895:64b5:eda:ce1b] (2001:388:1000:110:6895:64b5:eda:ce1b) by SG2PR04MB0693.apcprd04.prod.outlook.com (2a01:111:e400:520a::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.609.10; Tue, 27 Mar 2018 23:28:41 +0000
From: Geoff Huston <gih@apnic.net>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
Message-Id: <BD181AAD-5EE0-40B7-8220-4FD4991705DE@apnic.net>
Date: Wed, 28 Mar 2018 10:28:31 +1100
To: dnsop <dnsop@ietf.org>
X-Mailer: Apple Mail (2.3445.5.20)
X-Originating-IP: [2001:388:1000:110:6895:64b5:eda:ce1b]
X-ClientProxiedBy: KL1P15301CA0017.APCP153.PROD.OUTLOOK.COM (2603:1096:802:2::27) To SG2PR04MB0693.apcprd04.prod.outlook.com (2a01:111:e400:520a::19)
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 9c2bd9d6-42a1-4529-a516-08d5943a7a4a
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:SG2PR04MB0693;
X-Microsoft-Exchange-Diagnostics: 1; SG2PR04MB0693; 3:9pBkabimZBJlcU5iU64TUhGnHgnMTm//2UJdfvzy/l3dPl0H6phRXYdQSeYcVo8/LAOTxWdHUn+t2LzQQl2luYGSEp/f5Ncu2UnsP6TWcFPd4ZVbyXQp5C9+IBU4tj3OSMIajbwacHrMChE1ct3gjeEwHId+uhTUecFUfYqZNIu6BnvFrIKgOo8YhHscNOYw/Bfeh9FSMqFslTYxpyG8nLvpy4mcDKvRrHVbIK4WIjftVrK4iAcJnBO73uz5I0AG; 25:J48QAmXITVAT9KBl7bhiNCzwKz6HLTK2wOtqxNLGV+t/QXkKKKQaa2eaQTIoGRJavHtSdld7xVUwTTgA9fbVW7ODZVEVHfSFEShrkoBRHn2PtbgMS3vvGku8z0EJz5oETm8ReqzmI5IE39ubKoiEiUfE1ou1RKNFdvkCQaIuXxX50Wvy9WMtJaP7mvQAfWmVCq6T2fPTuMWFPKuuc+mKRvruFAmei+nPLGSeNcIx5zAL9bo00B2RCwq7vpH17t3vQGvJ57QhM4cWtAS+EhkSJuekqQx14Q1tUFXVz0fu1M+LunfGSEjg9qTunEsq7IEb4tBtb6Mn0TPzi2LYR6hkVEcDVT9MtmGVI2bVWmYJv9Y=; 31:hcHC7uVJCFU8xnxZkJwkzpbpaC4Oo7gU/Xukd0m2jnFR3Ldqt8smVJZeoMth2KZa54kIl6ehWmtCkx0JmoC2fnhfQ0ej2YuGlULJ6D1W6PbX+IHKMtfwv5N1tSUB+gBiAboc5BYvIbOa2egW3seBS9HRTmsMgXGJp+IWwDFn5OaSZrXXwL2Q9Tqj1pOhwL570YDuGZkj88Z3l1u7PP2NwO56E01bq75BsF+4gYNBu1E=
X-MS-TrafficTypeDiagnostic: SG2PR04MB0693:
X-Microsoft-Exchange-Diagnostics: 1; SG2PR04MB0693; 20:Uw0RVaOabZ0ctwM0aTkpBnC9xhbSHxitas/867Gu+E1k167KEliXUbNMzum47Df5NT7B2hhAJjpUNconYWdXy8eXHV88QSWFizTlgmsbuQG/vYOuOUJlchZ/4pTRLhTniZfSC36XRlZhm+iMnJgS57E4kf7rRR/r9JQdvWwT1Xu7ye6hC7ujauwhJWlv18ief9Qmxjeealy2//pyrHR1ZnYiFvX/LYJ/4phRx7NLDgFexJ/kSHzh/mTrWmPePt6x; 4:c/AxcY7CK86DCpsy/9U9jj0RSmtqMG8OC8RDRRCnQPiisWDc+eMFyccHBWdkXH6LX4X6kq4LGV/gGkSzOVz1oaXeIDd9W9znwvpVgJx1MggMUetfGVBWd+U5C21UAvE/0o6obQrFN/yy2W7/lvZHBwiqFD51uLKKxIG6Puj8LZp3HSmgSfu0v47Wvzbg0HCtv2RbV5LZ3auyxjINHaLiIfYclYFRU+FEr+2y5vebP6Txi1u8ippfYlUXGXW2hvxfcADy+48mCn0lGMhcR/XIk6cwsGnC67ZbVPEUwfB3BIr/dPQvy29AezE3wl7BAxrH
X-Microsoft-Antispam-PRVS: <SG2PR04MB0693FAF011828D2071C78C4CB8AC0@SG2PR04MB0693.apcprd04.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:(211171220733660);
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040522)(2401047)(8121501046)(5005006)(3231221)(944501327)(52105095)(3002001)(93006095)(93001095)(10201501046)(6041310)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123558120)(20161123564045)(6072148)(201708071742011); SRVR:SG2PR04MB0693; BCL:0; PCL:0; RULEID:; SRVR:SG2PR04MB0693;
X-Forefront-PRVS: 0624A2429E
X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(979002)(39380400002)(346002)(39830400003)(376002)(396003)(366004)(189003)(199004)(7736002)(6486002)(33656002)(478600001)(386003)(6116002)(5660300001)(106356001)(68736007)(476003)(97736004)(53936002)(25786009)(1706002)(82746002)(305945005)(2486003)(52396003)(8676002)(81166006)(36756003)(16526019)(23676004)(186003)(6916009)(52116002)(83716003)(81156014)(46003)(6666003)(316002)(86362001)(52146003)(50466002)(105586002)(8936002)(2616005)(2906002)(47776003)(50226002)(57306001)(486005)(486005)(8746002)(42262002)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1101; SCL:1; SRVR:SG2PR04MB0693; H:[IPv6:2001:388:1000:110:6895:64b5:eda:ce1b]; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
Received-SPF: None (protection.outlook.com: apnic.net does not designate permitted sender hosts)
X-Microsoft-Exchange-Diagnostics: 1;SG2PR04MB0693;23:/KLKLU+/VvI3QqCNkhAtxIWMJGQqwt5soSVicguaggsR9moze0j2yOaIY3SQxCMcUqfX3+KKSiyeMQ5scA32yHpQpJEJnX7eHsc+E3cB/eBcQH5a+jKVq7KanXQZ3LBzsA1ekAto32mBLJqzDQO2ANhv0hMBZZT8UbL+DgOPIu3v4grvgBtRXN2/uUuguJqH5oqtm2pAzPw1iB3Ql2dhxZ1X9tIyV986T29R5CDPmVkP1uMObp9tIbcgchdDaC7oY6KbY9iNxc4N22x5IiSzYLR02DWqzc6DmbUKMyaWHLSYrQHoMMgLeyM8e1s0lfLQiUyAgJBoOpbOGZp6qwnM8XBG4/SQiBdFB1RLF6Ablbxglerf3lumYYETrsMh38UjTGFunM9TUkg3YmibnXVCb5KsLmE6Kap/iX3PrIoce/7gOjalPdN1TszO93Qxe4YcfhyJlYdK3D1UwQerDgbt0GDlnoy3w04XCrcCDK/YsfhsJ8OIcdYd2TWBEYxSIacCkuYWapwzkH55rSJxMhR33jQhy7UICTZS0tNhB1C88og38N4xiAjbZI4fR8dhZehzpjvQq8PNNzf5W8tUm0maSFw1drde6kwxhELD0v8qLM1xTTRbEmWqIqo3/afkHtixunAU1QPD0moEquJzFMPJqpRAW1gxEdGYJuJLkCt8dQ9Ux37RomVZMs2/IkzK2FoU1RCf/BIjRQUE3bpfEYmFD1MjMCm83o34QLuVlTW3qse4m/9D/eWaJX9uspeJ8PhPsMOjvX9C8pkiDSRfuMNqYUUgQ0LA/cVTKeaRSUxGMo56P/27+FHaMBLRP0KgrhrDiw4dY/kcq1XYdmUDnhAJZcOvH3flKE7/XdrGBhs/ebWm/OZkQhIl4UfTe9Hji7vY6Txb+qvE51qPTJuTEFcI8Y5UXq75MrCFPcbT/4zpjEDtmXIQm/fVvdhezlSv+BdAHbquJrPO66Hu5QQCcfoyxX/n9lFqMA1yXe7TBORHDKJ1+6suVryO8/EAD8Jdhu6XjePXFeqT6bIYeQhUdtbce4MC7jOLJz7qU3an6scu9/+M7H2UuJtajoBcqg/VKwyHr6ig4z2l5y7k05iGcSNPj7hr2FObfjwEaXdwbt77sDVFXmeAIu3KtEndJmRjeaJWhiD5buE9ilhJK/mdaRfJLWhGimRAwfZpNJqKx4jJiNyQWdCxNn9DstXuhXVNyU1sMAN5R1VGBPFAG6Z59LqSwmL3T1eQoODQJf28JJq8Jzh73eEsGXPxbluZM/SmydxhecwGkFZ1PWR459Sr3AFizg==
X-Microsoft-Antispam-Message-Info: Vj3t/YYkghiMfYnrgNuEByCa1hmkCPDZSvmgMcI2HFR2PipxwAOELE0j+FkMGuD4Qp2C5Y+IHa3AMjw8/AQIApgnspwrYAHX5a+UYqlrGYzJ9ykzUtDLQZPBfeNfJuTM1JB27GErMxqpYfuTvUr3o2/oOzLeDgD0NspaL1Zy3PGZgnWrrcOpx3CkF0lGtAfX
X-Microsoft-Exchange-Diagnostics: 1; SG2PR04MB0693; 6:ashjqhtPdQZ4goCi4fRUSNDK4VzAAEseUlis6Fpf5Hh6/tvlQbY1/rNPp2xZczIxfEZC00i81J8T3DKJErh48lXqXZueQOpOl9q0FJ1Jy3tiZWbz2piD+Anz66IkSSEswU0gs3VgTKJ/2gWeuchiO+ijur47WCJ9HtcDyrEI8se8LaQxK1E+gsF4/W7oOn74/t6rWt/4Ltkdgo6Qcz+rj7efaPu7hr6NZPGZEZyt0fKVD2qyWT2YM4ga7TkCulFcs/e4YghxnqxiITZKmH0aJnER3TyPbVyCTGalTCa9f/64LCgGmUscTccVnQlM6qKy866y+VwbMmOW5JLOq1266VXfQLCCHfrtYNIIeIq+7//3BAHKq0kqcGRbnO7cxSi4jY94YF1maTTcq/VpWERquomXZ+H+aH9EaixoDycHTec2bjpWPeVbpQ9zme0un9bCdnIHZlKIRHor4tFHRYFvzg==; 5:54KAv4vIz+BSQ4hoJcg22PbyhgP4Fa4qHeekONYM3l5XwifgYjP6IuUvNuhxocKfi0W3t4xI7fLy/HNVWmCMiQCRl0hl8Ts5UOwItipRaeueDct0DgKvmG7T3f6aRiUHEcNEFaoWWzsJhioddTQV1TPWGsmiEliNM8zEo7afT4g=; 24:R96u7hY9DWyPiOpEIZvaLaYFpW7mtQJEMzLkdU77KqwmXqu1cGgX3Gb2AJ4+1LGfwC8uBMiiKC5fFCKeJhTOfbFXnEBxwvQNR1VGMlsSrFs=
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1; SG2PR04MB0693; 7:Vggo4j5dtk2Z2gcl5yGrNfvPOWugI7xVgg/q8o22pJZLiulPkKpHtO2gRNCWf+p62kOs3Sd3R0cJSyG78zlDEjVc9Sid3kqY+zY2WJLLPrCSskdF0F/bOh2Ntf/KB9HqdBZ5ROvkA4KpnroQiE5EECyEOuGoL9IFVZfZ+TpaeSCBU44c3Xp7wVto9/kwk8wfTUHV503BD61IETv87dbUMP5lQFsEHdy4x4Ovp1iamijVV0148FvSA4RQ9I3hpIy4
X-OriginatorOrg: apnic.net
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Mar 2018 23:28:41.9925 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 9c2bd9d6-42a1-4529-a516-08d5943a7a4a
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 127d8d0d-7ccf-473d-ab09-6e44ad752ded
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SG2PR04MB0693
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/lAuG9flKPsPdX5e9gUDp8C7k1wM>
Subject: [DNSOP] further problems with draft-ietf-dnsop-kskroll-sentinel-09
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Mar 2018 23:28:49 -0000

While I am reviewing this version of the draft, the other problem I see is a block of text that reads:

"RFC 8145 relies on resolvers reporting the list of keys that they have to root servers.”

The grammatical construction is ambiguous - I suspect that whoever originally submitted this tect back for the -03 version meant to say:

"RFC 8145 relies on resolvers reporting towards the root servers a list of locally cached trust anchors for the root zone.”

The document also makes the comment: "The authors (gratefully) accept pull requests.”. I suspect a more prudent course of action from now on is that “The authors will refer all pull requests to this working group before applying any changes to the draft.”

Geoff

v2.23.0 | Report a Bug | By Email