IETF Logo Mail Archive

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

"Wessels, Duane" <dwessels@verisign.com> Thu, 22 April 2021 18:38 UTC

Return-Path: <dwessels@verisign.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C57443A13F6 for <dnsop@ietfa.amsl.com>; Thu, 22 Apr 2021 11:38:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.399
X-Spam-Level:
X-Spam-Status: No, score=-4.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p04Eh4NniiGK for <dnsop@ietfa.amsl.com>; Thu, 22 Apr 2021 11:38:24 -0700 (PDT)
Received: from mail1.verisign.com (mail1.verisign.com [72.13.63.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 601133A13EE for <dnsop@ietf.org>; Thu, 22 Apr 2021 11:38:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=7667; q=dns/txt; s=VRSN; t=1619116706; h=from:to:cc:date:message-id:references:in-reply-to: mime-version:subject; bh=rllQRrZx2kfAMTeaoOeRNbzKjCP716Y3AFbOrd62h40=; b=cgjXSKEQOmEsnLO4o3q8LETolcWCeBiX6U/hGxS5d8we1qM7TIWw+ob6 AhgcnY4TglYz+xfCFL3feJSDACKK5BaRe3KJoA4Kz6ix8r5C1TNnYhinW bCTb2lqOpLSSvc7mmZPUq8nT06wcolDRIeO22g36W2oTKAetmUgp9ocsi NrWN2buJoAs+4Y/K7y9JrFIFDZ6LSgRYgqO9Ua8LdqeUfA/f7BrFsooru KoUHzdqKB6AfT04jyHI3Qh2lJU3P2PG/qeVpDcfdYbVzIAVoosyXiOjPU YuXBNsVoi702C+3syMbkK7j0QIvTNlawVenTFyj+2RXuKrNthoN8cDcFV Q==;
IronPort-SDR: akJmBbMEcKPLTDwkG7wNY/CPXJtvfO492N/dOZAIHfhxWtyiIN1UvP1mzNjrakoeepuDjuemPW VwQwM2CzYl+uo36tWGUcVuZh7EkjP1M3aQZ7Qo3/EtVs/m0YOmcpJVH9p/P2H6Ocy0CkRlRY7u 4jbfMf9eYCvOtrGYRoHaUxYWFpE3iNZXkk2/6oT5rOTg/kjvTima41H/1aYN+SDHmkxfBLr6Fc 385dH7BVBclGwg0cwCdXv63ZDiqU3YYlU2agcfHDalfRokyDO+6a8HzZ3RYyXR2TbKi14Fa70o fJE=
IronPort-HdrOrdr: A9a23:rpciCai7CmPSjbSWzxGRe9RK6XBQXk0ji2hD6mlwRA09T+Wzkc eykPMHkSLugDEKV3063fyGMq+MQXTTnKQFhLU5F7GkQQXgpS+UPJhvhLGSoQHINiXi+odmtZ tIXLN5DLTLY2RSqebfzE2GH807wN+BmZrGuc7kw31gTR5nZshbhm9EIzyGGU57ThQuP+tbKL Og4KN8xgaISDA4YsO2HXEZU+WGjM2jrv7bSC9DIxI88gGBgXeL5K6SKXKl9yZbdz9U278t/S z+jgrj6syY3s2T0BPGyGPJ1ZhQlebgztcrPqextvQ=
X-IronPort-AV: E=Sophos; i="5.82,243,1613433600"; d="p7s'?scan'208"; a="7531556"
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.4; Thu, 22 Apr 2021 14:38:22 -0400
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d]) by BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d%4]) with mapi id 15.01.2242.008; Thu, 22 Apr 2021 14:38:22 -0400
From: "Wessels, Duane" <dwessels@verisign.com>
To: "Wessels, Duane" <dwessels=40verisign.com@dmarc.ietf.org>
CC: Tony Finch <dot@dotat.at>, Suzanne Woolf <suzworldwide@gmail.com>, "dnsop@ietf.org" <dnsop@ietf.org>
Thread-Topic: [EXTERNAL] [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements
Thread-Index: AQHXNweLTio4D7uvrEuf9bCOXu/mcarBIlYA
Date: Thu, 22 Apr 2021 18:38:22 +0000
Message-ID: <68F43FCA-65D4-425C-A4FA-0D15B86D3FDF@verisign.com>
References: <93D82731-7B33-4E39-8DEF-FF6C14803191@gmail.com> <da3dceaf-26d7-dddd-6c31-21fd35227f91@dotat.at> <7591E59C-5E52-44C6-8AEE-346393969367@verisign.com>
In-Reply-To: <7591E59C-5E52-44C6-8AEE-346393969367@verisign.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3608.120.23.2.4)
x-originating-ip: [10.170.148.18]
Content-Type: multipart/signed; boundary="Apple-Mail=_AE506F6D-D54A-4A97-8F5B-02356B81B355"; protocol="application/pkcs7-signature"; micalg="sha-256"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/qXkL78MDhOoYmB8UgymiTrtl5pQ>
Subject: Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Apr 2021 18:38:30 -0000


> On Apr 21, 2021, at 4:39 PM, Wessels, Duane <dwessels=40verisign.com@dmarc.ietf.org> wrote:
> 
>> 2.2:
>> 
>>  DNSSEC originally specified in [RFC2541]
>> 
>> I thought this should be RFC 2535 rather than the operational guidelines?
> 
> Sure, 2535 works for me.
> 

Oops, correcting myself here.  It needs to be RFC 2541 because that is the
one that mentions TCP.  The text has been updated like this:

   and the second was the set of extensions
   collectively known as DNSSEC, whose operational considerations are
   originally given in [RFC2541].    ...    while the latter
   warned "... larger keys increase the size of KEY and SIG RRs.  This
   increases the chance of DNS UDP packet overflow and the possible
   necessity for using higher overhead TCP in responses."


DW

v2.23.0 | Report a Bug | By Email