[DNSOP] Martin Duke's No Objection on draft-ietf-dnsop-extended-error-14: (with COMMENT)

Martin Duke via Datatracker <noreply@ietf.org> Fri, 24 April 2020 03:59 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: dnsop@ietf.org
Delivered-To: dnsop@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 21D2B3A0779; Thu, 23 Apr 2020 20:59:55 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Martin Duke via Datatracker <noreply@ietf.org>
To: "The IESG" <iesg@ietf.org>
Cc: draft-ietf-dnsop-extended-error@ietf.org, dnsop-chairs@ietf.org, dnsop@ietf.org, Tim Wicinski <tjw.ietf@gmail.com>, tjw.ietf@gmail.com
X-Test-IDTracker: no
X-IETF-IDTracker: 6.127.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Martin Duke <martin.h.duke@gmail.com>
Message-ID: <158770079466.31867.3357301786886302699@ietfa.amsl.com>
Date: Thu, 23 Apr 2020 20:59:55 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/lsELYHLo81tFOModpfJGUb1J5dI>
Subject: [DNSOP] Martin Duke's No Objection on draft-ietf-dnsop-extended-error-14: (with COMMENT)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Apr 2020 03:59:55 -0000

Martin Duke has entered the following ballot position for
draft-ietf-dnsop-extended-error-14: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-extended-error/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Comments:

I know that in some crypto use cases, error codes are deliberately kept vague
to frustrate analysis by attackers. Have the DNSSEC error codes been vetted for
the same risk? Or does that not apply here?

Sec 5.2: since the shepherd write up, the maximum 16-bit integer has dropped to
65280. Have these code points gone somewhere?

Nits:

Sec 4.4 s/serever/server

Sec 6: s/validaion/validation

The redundant word in “This information is unauthenticated information” is
redundant.