Re: [DNSOP] Terry Manderson's Discuss on draft-ietf-dnsop-dnssec-roadblock-avoidance-04: (with DISCUSS and COMMENT)
Wes Hardaker <wjhns1@hardakers.net> Fri, 08 July 2016 23:53 UTC
Return-Path: <wjhns1@hardakers.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 32C3A12D9A3; Fri, 8 Jul 2016 16:53:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.327
X-Spam-Level:
X-Spam-Status: No, score=-3.327 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id agdVGKc_Si_D; Fri, 8 Jul 2016 16:53:25 -0700 (PDT)
Received: from mail.hardakers.net (dawn.hardakers.net [IPv6:2001:470:1f00:187::1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABD4712D9AF; Fri, 8 Jul 2016 16:53:22 -0700 (PDT)
Received: from localhost (50-1-20-198.dsl.static.fusionbroadband.com [50.1.20.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.hardakers.net (Postfix) with ESMTPSA id ED8462AFFD; Fri, 8 Jul 2016 16:53:21 -0700 (PDT)
From: Wes Hardaker <wjhns1@hardakers.net>
To: Terry Manderson <terry.manderson@icann.org>
References: <20160706042557.22326.91200.idtracker@ietfa.amsl.com>
Date: Fri, 08 Jul 2016 16:53:21 -0700
In-Reply-To: <20160706042557.22326.91200.idtracker@ietfa.amsl.com> (Terry Manderson's message of "Tue, 05 Jul 2016 21:25:57 -0700")
Message-ID: <0ly45bsn4e.fsf@wjh.hardakers.net>
User-Agent: Gnus/5.130014 (Ma Gnus v0.14) Emacs/24.5 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/ova5KZOPb_yl3gDe7ab65hw37yA>
Cc: tjw.ietf@gmail.com, dnsop@ietf.org, draft-ietf-dnsop-dnssec-roadblock-avoidance@ietf.org, dnsop-chairs@ietf.org, The IESG <iesg@ietf.org>
Subject: Re: [DNSOP] Terry Manderson's Discuss on draft-ietf-dnsop-dnssec-roadblock-avoidance-04: (with DISCUSS and COMMENT)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jul 2016 23:53:29 -0000
"Terry Manderson" <terry.manderson@icann.org> writes: > Abstract: s/outline potential/outlines potential/ Hmm. My version already has that. Yay! > s1.1 > second bullet, perhaps you could just say "not DNSSEC aware" to be > parsimonious with words > third bullet '"middle-boxes" actively'? > fourth bullet "Network components" ? Wording suggestions taken. > para after the bullets: "s/perform these test/perform these tests/ and > I don't mean this to sound snide, but what is a regular Validating > Resolver? as opposed to something else? (irregular?) As opposed to Host Validators, previously in the sentence. I'm leaving it as I do think it provides a touch of clarity. Though if a bunch of people want it removed, I'm fine with that too. > last para of s1.1. "not uncommon to get results that are not > consistent" suggest "not uncommon to get results that are inconsistent" good suggestion. > s1.2 is https://github.com/ogud/DNSSEC_ALG_Check going to be a fully > stable URL? Per discussion in another thread: probably. Olafur certainly won't delete it as the owner, and I doubt github will die anytime soon. The only other choice is to remove the helpful reference. > s1.3 May I suggest moving the 'Notation' section above the background to > better arm the reader? fair suggestion; done. > By saying "actual validating resolver" I presume you mean a > standalone daemon listening on port 53? I've changed it to "validating resolver daemon" instead. Make more sense? > s2 "This document specifies two sets of tests to perform a comprehensive > one and a fast one." I think you missed a comma. I used a : actually > And is normative language really needed in the following sentence? I think the real intent was more (is now more?) this: The fast one will detect most common problems, thus if the fast one passes then the comprehensive MAY be considered passed as well. </t> which is more reasonable for the normative language. > s3, you might like to use a RFC4786 reference for anycast in the first > 'Note' Added. > s3.1 second para "SHOULD have the recursive flag", suggest "SHOULD have > the Recursion Desired (RD) flag set" good catch > s3.1.1, please use the example domain for such examples, ie example.com, > and once you have used it do you really need to repeat it for each > 'existing' text until you get to the non-existent tests and so on up to > 3.1.14. Well, here's the deal: example.com won't work and the domain in question actually does work. Some of them can probably be replaced with the root server, but many others require somewhat specialized tests pointing to a special domain. That one is known to be the only one that likely will work for some tests at this point. The question is, what to do about that? Can we list a known one? Must we list a useless one instead? Should we pre-declare the problem? I've been waiting for this to come up :-) > And on s3.1.14 Will "alltypes.res.dnssecready.org" be a stable query > point? I hope so. > s 3.3 Some formatting might help with the DNS query examples here. Good point; Put into artwork. Thanks for all your helpful comments! -- Wes Hardaker Parsons
- Re: [DNSOP] Terry Manderson's Discuss on draft-ie… Wes Hardaker
- Re: [DNSOP] Terry Manderson's Discuss on draft-ie… Wes Hardaker
- [DNSOP] Terry Manderson's Discuss on draft-ietf-d… Terry Manderson
- Re: [DNSOP] Terry Manderson's Discuss on draft-ie… Terry Manderson
- Re: [DNSOP] Terry Manderson's Discuss on draft-ie… Wes Hardaker
- Re: [DNSOP] Terry Manderson's Discuss on draft-ie… Terry Manderson
- Re: [DNSOP] Terry Manderson's Discuss on draft-ie… Spencer Dawkins at IETF
- Re: [DNSOP] Terry Manderson's Discuss on draft-ie… Terry Manderson