Re: [DNSOP] Terry Manderson's Discuss on draft-ietf-dnsop-dnssec-roadblock-avoidance-04: (with DISCUSS and COMMENT)
Wes Hardaker <wjhns1@hardakers.net> Wed, 03 August 2016 22:53 UTC
Return-Path: <wjhns1@hardakers.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 56ECA12D69C; Wed, 3 Aug 2016 15:53:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.488
X-Spam-Level:
X-Spam-Status: No, score=-5.488 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.287, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TIGwxKt4-N22; Wed, 3 Aug 2016 15:53:09 -0700 (PDT)
Received: from mail.hardakers.net (mail.hardakers.net [168.150.236.43]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A237212D08D; Wed, 3 Aug 2016 15:53:09 -0700 (PDT)
Received: from localhost (50-1-20-198.dsl.static.fusionbroadband.com [50.1.20.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.hardakers.net (Postfix) with ESMTPSA id DD34329AA7; Wed, 3 Aug 2016 15:53:08 -0700 (PDT)
From: Wes Hardaker <wjhns1@hardakers.net>
To: Terry Manderson <terry.manderson@icann.org>
References: <20160706042557.22326.91200.idtracker@ietfa.amsl.com> <0ly45bsn4e.fsf@wjh.hardakers.net> <D3AC09DC.95840%terry.manderson@icann.org> <CAKKJt-dWcaxmwSi9ANDX+wf6+Q16Q-7U8S9T3XamvPzQP1Fy4A@mail.gmail.com> <D3AD65CB.95A88%terry.manderson@icann.org>
Date: Wed, 03 Aug 2016 15:53:08 -0700
In-Reply-To: <D3AD65CB.95A88%terry.manderson@icann.org> (Terry Manderson's message of "Thu, 14 Jul 2016 05:55:22 +0000")
Message-ID: <0l4m71o46j.fsf@wjh.hardakers.net>
User-Agent: Gnus/5.130014 (Ma Gnus v0.14) Emacs/24.5 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/mPb9MKmSpFePIwl6GpYreEb-xcM>
Cc: "tjw.ietf@gmail.com" <tjw.ietf@gmail.com>, "dnsop-chairs@ietf.org" <dnsop-chairs@ietf.org>, Wes Hardaker <wjhns1@hardakers.net>, "dnsop@ietf.org" <dnsop@ietf.org>, "draft-ietf-dnsop-dnssec-roadblock-avoidance@ietf.org" <draft-ietf-dnsop-dnssec-roadblock-avoidance@ietf.org>, Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>, The IESG <iesg@ietf.org>
Subject: Re: [DNSOP] Terry Manderson's Discuss on draft-ietf-dnsop-dnssec-roadblock-avoidance-04: (with DISCUSS and COMMENT)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Aug 2016 22:53:11 -0000
Terry Manderson <terry.manderson@icann.org> writes: > Hi Spencer, > > On 14/07/2016, 12:57 PM, "Spencer Dawkins at IETF" > <spencerdawkins.ietf@gmail.com> wrote: >> >>Terry, I like where you're headed, but just to ask the obvious question, >>are you thinking the draft would, or would not, also contain something >>like "at the time this document was approved, a domain used for this test >>was $someactualworkingdomain.com <http://someactualworkingdomain.com>"? > > Sorry I didn't make it obvious, yes I would like to see text like this, > and I think it makes an easy path for the less adventurous in addition to > supplying more in depth guidance. How does this text work to be dropped into the end of the "Implementation experiences" section (1.3): <section title="Test Zone Implementation"> <t>In this document, the "test.example.com" domain is used to refer to DNS records which contain test records that have known DNSSEC properties associated with them. For example, the "badsign-a.test.example.com" domain is used below to refer to a DNS A record where the signatures published for it are invalid (i.e., they are "bad signatures" that should cause a validation failure).</t> <t>At the time of this publication, the "test.dnssec-tools.org" domain implements all of these test records. Thus, it may be possible to replace "test.example.com" in this document with "test.dnssec-tools.org" when performing real-world tests.</t> </section> And then everywhere that test.dnssec-tools.org exists in the document, I'll replace it with "test.example.com". -- Wes Hardaker Parsons
- Re: [DNSOP] Terry Manderson's Discuss on draft-ie… Wes Hardaker
- Re: [DNSOP] Terry Manderson's Discuss on draft-ie… Wes Hardaker
- [DNSOP] Terry Manderson's Discuss on draft-ietf-d… Terry Manderson
- Re: [DNSOP] Terry Manderson's Discuss on draft-ie… Terry Manderson
- Re: [DNSOP] Terry Manderson's Discuss on draft-ie… Wes Hardaker
- Re: [DNSOP] Terry Manderson's Discuss on draft-ie… Terry Manderson
- Re: [DNSOP] Terry Manderson's Discuss on draft-ie… Spencer Dawkins at IETF
- Re: [DNSOP] Terry Manderson's Discuss on draft-ie… Terry Manderson