Re: [DNSOP] draft-fujiwara-dnsop-ds-query-increase-02

Tony Finch <dot@dotat.at> Wed, 05 March 2014 12:28 UTC

From: Tony Finch <dot@dotat.at>
Date: Wed, 05 Mar 2014 12:28:31 +0000
To: "fujiwara@jprs.co.jp" <fujiwara@jprs.co.jp>
Sender: Tony Finch <fanf2@hermes.cam.ac.uk>
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/mwgimapgFCmGUz9WO2-S04EIUFA
Cc: "dnsop@ietf.org" <dnsop@ietf.org>
Subject: Re: [DNSOP] draft-fujiwara-dnsop-ds-query-increase-02

It is an interesting draft and I can see why the problem concerns you. The dummy DS is a clever work-around, but it is a pity about the validation bug in Google public DNS.

I wonder about the possibility of adjusting the rules for caching delegations. Would it make sense to remember that a referral is insecure for the lifetime of the NS RRset, instead of the lifetime of the negative DS answer?

Tony.
--
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/

> On 5 Mar 2014, at 10:23, fujiwara@jprs.co.jp wrote:
> 
> Dear Chairs and WG participants,
> 
> I updated draft-fujiwara-dnsop-ds-query-increase this January.
> 
>  http://tools.ietf.org/html/draft-fujiwara-dnsop-ds-query-increase
> 
> Recent DS traffic increase seems not high, I did not request time slot
> of WG meeting. However, increasing is a fact.
> 
> Recent DS query graph is here:
>  http://member.wide.ad.jp/~fujiwara/files/DS_graph_20140305.pdf
> 
> Please comment to the draft.
> 
> What should I do about this draft from now on?  
> 
> Regards,
> 
> --
> Kazunori Fujiwara, JPRS <fujiwara@jprs.co.jp>