Re: [DNSOP] howto "internal"

Tim Wicinski <tjw.ietf@gmail.com> Tue, 24 July 2018 16:14 UTC

On Tue, Jul 24, 2018 at 12:10 PM, Paul Vixie <paul@redbarn.org> wrote:

> i also use real domains for my private stuff. but i also use RPZ locally
> for the internal bindings, not NS RR delegations that i'd have to keep out
> of my externally-served zone files



I had forgotten our threat intelligence teams use RPZ internally as well,
absolutely.