Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc2845bis-07.txt

Stephen Morris <sa.morris8@gmail.com> Thu, 20 February 2020 11:48 UTC

From: Stephen Morris <sa.morris8@gmail.com>
In-Reply-To: <158219860728.12525.1097565118105708150@ietfa.amsl.com>
Date: Thu, 20 Feb 2020 11:47:57 +0000
Message-Id: <854999E2-8D05-45AB-B939-87CF98DFB90A@gmail.com>
To: dnsop@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/qc8WHbtb7-Ttf8XkkH2rqGdzTz0>

The update addresses comments from the Secdir and Genart reviews.  In particular:

1) The text proposed by Tony Finch concerning SHA-1 has been included verbatim in the draft. (However, the suggestion to make informative references to some web sites that discuss SHA-1 collisions was not taken up - standards documents can be relevant for many years whereas web sites can be more transient.)

2) There was some very minor tinkering with the wording concerning the example naming scheme for keys to try and make it easier to parse.

Stephen

> On 20 Feb 2020, at 11:36, internet-drafts@ietf.org wrote:
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Domain Name System Operations WG of the IETF.
> 
>        Title           : Secret Key Transaction Authentication for DNS (TSIG)
>        Authors         : Francis Dupont
>                          Stephen Morris
>                          Paul Vixie
>                          Donald E. Eastlake 3rd
>                          Olafur Gudmundsson
>                          Brian Wellington
>        Filename        : draft-ietf-dnsop-rfc2845bis-07.txt
>        Pages           : 27
>        Date            : 2020-02-20
> 
> Abstract:
>   This document describes a protocol for transaction level
>   authentication using shared secrets and one way hashing.  It can be
>   used to authenticate dynamic updates as coming from an approved
>   client, or to authenticate responses as coming from an approved name
>   server.
> 
>   No recommendation is made here for distributing the shared secrets:
>   it is expected that a network administrator will statically configure
>   name servers and clients using some out of band mechanism.
> 
>   This document obsoletes RFC2845 and RFC4635.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc2845bis/
> 
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-dnsop-rfc2845bis-07
> https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-rfc2845bis-07
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-rfc2845bis-07
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
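The abstract quoted above describes TSIG as transaction-level authentication with a shared secret and a one-way hash, and the reply notes the draft's new text on SHA-1. The following Python is an added example, not code from the draft or from any of its authors: it computes a request MAC the way RFC 2845 section 3.4 lays out (the DNS message followed by the TSIG "variables"), then verifies it on the receiving side in the order the RFC gives (key, MAC, time window) and applies a local policy that rejects hmac-sha1 keys. The DNS message, key name, secret and timestamps are constructed for the example; name encoding is simplified to uncompressed lowercase labels, and the request-MAC chaining used for responses is left out.

```python
"""Simplified TSIG-style MAC computation and verification (added example).

Assumes the message bytes already have the TSIG RR stripped and the original
message ID restored, names are sent uncompressed, and response chaining
(digesting the request MAC first) is not needed for a request.
"""
import hashlib
import hmac
import struct

# Hash functions for TSIG algorithm names registered by RFC 2845 / RFC 4635.
ALGORITHMS = {
    "hmac-sha1.": hashlib.sha1,
    "hmac-sha256.": hashlib.sha256,
    "hmac-sha512.": hashlib.sha512,
}

# TSIG error codes from RFC 2845.
BADSIG, BADKEY, BADTIME = 16, 17, 18


def name_to_wire(name: str) -> bytes:
    """Encode a DNS name as uncompressed, lowercase wire-format labels."""
    out = bytearray()
    for label in name.lower().rstrip(".").split("."):
        if label:
            raw = label.encode("ascii")
            if len(raw) > 63:
                raise ValueError("label too long")
            out += bytes([len(raw)]) + raw
    out += b"\x00"
    return bytes(out)


def tsig_variables(key_name, algorithm, time_signed, fudge, error=0, other=b""):
    """TSIG 'variables' digested after the message (RFC 2845 section 3.4.2):
    NAME, CLASS=ANY(255), TTL=0, Algorithm Name, Time Signed (48 bits),
    Fudge, Error, Other Len, Other Data."""
    return (
        name_to_wire(key_name)
        + struct.pack("!HI", 255, 0)
        + name_to_wire(algorithm)
        + struct.pack("!HI", (time_signed >> 32) & 0xFFFF, time_signed & 0xFFFFFFFF)
        + struct.pack("!HHH", fudge, error, len(other))
        + other
    )


def sign(message, key_name, secret, algorithm, time_signed, fudge=300):
    """Return the MAC a signer places in the TSIG RR of a request."""
    data = message + tsig_variables(key_name, algorithm, time_signed, fudge)
    return hmac.new(secret, data, ALGORITHMS[algorithm]).digest()


def verify(message, key_name, secret, algorithm, time_signed, fudge, mac, now,
           allowed=("hmac-sha256.", "hmac-sha512.")):
    """Verify a received MAC. Returns (True, 0) or (False, <TSIG error code>).
    Local policy: an algorithm outside `allowed` (hmac-sha1 by default) is
    treated like an unknown key and refused with BADKEY."""
    if algorithm not in ALGORITHMS or algorithm not in allowed:
        return False, BADKEY
    expected = sign(message, key_name, secret, algorithm, time_signed, fudge)
    # Constant-time comparison; the MAC is checked before the time window.
    if not hmac.compare_digest(expected, mac):
        return False, BADSIG
    if abs(now - time_signed) > fudge:
        return False, BADTIME
    return True, 0


# Constructed sample: a minimal query header plus one question (example.com A).
SAMPLE_MESSAGE = (
    struct.pack("!HHHHHH", 0x2A5B, 0x0100, 1, 0, 0, 0)
    + name_to_wire("example.com.")
    + struct.pack("!HH", 1, 1)
)


def demo():
    """Sign the constructed message and exercise each verification outcome."""
    key_name, secret = "host1-host2.example.", b"constructed-example-secret"
    signed_at = 1582199277  # constructed timestamp
    alg = "hmac-sha256."
    mac = sign(SAMPLE_MESSAGE, key_name, secret, alg, signed_at)
    tampered = SAMPLE_MESSAGE[:-1] + b"\xff"
    return {
        "valid": verify(SAMPLE_MESSAGE, key_name, secret, alg, signed_at, 300, mac, signed_at + 10),
        "tampered": verify(tampered, key_name, secret, alg, signed_at, 300, mac, signed_at + 10),
        "stale": verify(SAMPLE_MESSAGE, key_name, secret, alg, signed_at, 300, mac, signed_at + 301),
        "sha1": verify(SAMPLE_MESSAGE, key_name, secret, "hmac-sha1.", signed_at, 300, mac, signed_at),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The verifier refuses the SHA-1 key before doing any MAC work, so a deployment that has switched its keys to SHA-256 or SHA-512 never evaluates a SHA-1 HMAC at all; the fudge window check runs only once the MAC has been confirmed, so a bad timestamp on a forged packet reports BADSIG rather than leaking anything about the clock.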