Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-tcp-requirements-05.txt
"Wessels, Duane" <dwessels@verisign.com> Sat, 02 November 2019 18:18 UTC
Return-Path: <dwessels@verisign.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id EFC071200F8
for <dnsop@ietfa.amsl.com>; Sat, 2 Nov 2019 11:18:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.299
X-Spam-Level:
X-Spam-Status: No, score=-4.299 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id PwHT5m-NIX2z for <dnsop@ietfa.amsl.com>;
Sat, 2 Nov 2019 11:18:00 -0700 (PDT)
Received: from mail3.verisign.com (mail3.verisign.com [72.13.63.32])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id F090612002E
for <dnsop@ietf.org>; Sat, 2 Nov 2019 11:17:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
d=verisign.com; l=9169; q=dns/txt; s=VRSN; t=1572718681;
h=from:to:date:message-id:references:in-reply-to:
mime-version:subject;
bh=EpgXvYT7TUy8L7xxoTu8RzvdCsjjDXE5ZRDAM08lZ44=;
b=iWoxscOZ8xd+rOOH27WAwCzztyTxlvP2vjppRIbOwr1l/igUMfgX/31F
ig22Axh4NANB78O/FRnYNvbZ7NI/rgv93y1lDORJfjSn730kndJT6fUDu
2VFRLPC13u3cjtwfNVyoTntTzrBxKYLRmnSBYGwFAQI9T0GAcSSMRBxFP
NuTaYjI0qV1IcfjclSQ1eogvahZaIOc9N+2GLiGukeGLU9ntmtG9EkG73
qlUjIGCUjde8m3YPeETv/y3uyQC6/cxuLYuN5t2KmiXGzA9zTtk1u3kKj
LV9DEFAqTt67BbQkWZQwzYTlN0is35qpAmdXpeIcT+W9gKGqKeVr6iUDg w==;
X-IronPort-AV: E=Sophos; i="5.68,260,1569283200"; d="p7s'?scan'208";
a="9533322"
IronPort-PHdr: =?us-ascii?q?9a23=3A6yIDhRyRHZn/3BLXCy+O+j09IxM/srCxBDY+r6?=
=?us-ascii?q?Qd2+0fIJqq85mqBkHD//Il1AaPAdyArasc2qGP6/CocFdDyK7JiGoFfp1IWk?=
=?us-ascii?q?1NouQttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXdrXKo8DEdBA?=
=?us-ascii?q?j0OxZrKeTpAI7SiNm82/yv95HJbAhEmTSwbalvIBmqqQjdudQajZdhJ60s1h?=
=?us-ascii?q?bHv3xEdvhMy2h1P1yThRH85smx/J5n7Stdvu8q+tBDX6vnYak2VKRUAzs6PW?=
=?us-ascii?q?874s3rrgTDQhCU5nQASGUWkwFHDBbD4RrnQ5r+qCr6tu562CmHIc37SK0/VD?=
=?us-ascii?q?q+46t3ThLjlSEKPCM7/m7KkMx9lKJVrgy8qRxjzYDaY4+VO/h5cKPcYdwVSn?=
=?us-ascii?q?FMXslNWyxEGI68b5cDA/QHMO1Fr4f9vVwOrR6mCAWiBOzg1CRIhmTo0q0+yO?=
=?us-ascii?q?QtCRzN0gI9H90UtnTbstv5P7oVXO+owqjH0y7Db+hI1jf584jFaQ4hru+WXb?=
=?us-ascii?q?JxasrRyEYvFwXfglqMrozlOiqY2+IQuGaV6OpgUPigi28hqwxpozig2Nssio?=
=?us-ascii?q?fTioIS0FDE+iN0y5s2K92gUEN3fMKoHIFNuyyYOYZ6WN4uTmFmtSogxbALuo?=
=?us-ascii?q?a3cDUWxJg92hLSaeCLf5KV7h/sV+udOyp0iXF9dLKxmRm/8lSsx+j5W8au01?=
=?us-ascii?q?tHqjFKn9zCu3wTyhPe682KReB580qg2zuC0g7e5+9GLE8pk6fQNoQvzaQqlp?=
=?us-ascii?q?UJtETOBir2mELrg6CIbkgk4e2o6/j/YrXhu5+cK5d4igHgPaQqncyyGfk1PB?=
=?us-ascii?q?QWUWSG+euyzLLt8kzlTLlXlPE2jLXWsJfAJcQDvKK2GRJa3pw96xalFDem1s?=
=?us-ascii?q?4UkmUALFJAYB6Hjo7pNE/SIP3gEPuzn06gnCppyv3IJLHtH5XAI3bZnLrufr?=
=?us-ascii?q?tx80tcxxAyzdBb6ZJUELYBIPfrV0Dsut3XEAQ5MxeqzObjE9VwzZ0eVnyVAq?=
=?us-ascii?q?+YK6PSsFCI5uQ1L+aQY48VvS7xK+I56P72kX85hVgdcLG00psRc3C4GexmLl?=
=?us-ascii?q?6YYXXyntcBH30Gvg0kTOzl2xW+VmsZa3CpWLoU5zwnBsShF4iJDtShhqeGxA?=
=?us-ascii?q?+6E4FYIGdcBQbfP23vctDOZPoXcy+WOYspviENU7XrA9styhy1rwL+0JJ5I/?=
=?us-ascii?q?DV4SwXs9To090jtL6brg076TEhV5fV6GqKVWwhxm4=3D?=
X-IPAS-Result: =?us-ascii?q?A2HxAgCBx71d/zCZrQplHAEBAQEBBwEBEQEEBAEBgX2DD?=
=?us-ascii?q?CuBBgqVOYNqlVWBZwkBAQEBAQEBAQEDBAEYDQoBAQKEPgKEIDgTAg4BAQEEA?=
=?us-ascii?q?QEBAQEFAwEBAQKGIAELgjsiamsBAQEBAQEBAQEBAQEBAQEBAQEBFgJDVRIBA?=
=?us-ascii?q?R0BAQEBAgEBAWUHEAsCAQgYLgIlCyUCBBMOgxQBglcRHq92gieEPQIOQUCEc?=
=?us-ascii?q?BCBNoFTg0eGXDWBQT6BOB+CTD6CYgEBAgEBFoELO4NDgiwElVmYGQMHgiSDR?=
=?us-ascii?q?oIzgRiOQII8coZoj0+OQogujhKDFwIEAgQFAhWBaYF7cBUaISoBgkEJNRIRF?=
=?us-ascii?q?IwNhT90jV+BDgEB?=
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by
BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.1779.2; Sat, 2 Nov 2019 14:17:55 -0400
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d]) by
BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d%5]) with mapi id
15.01.1779.002; Sat, 2 Nov 2019 14:17:55 -0400
From: "Wessels, Duane" <dwessels@verisign.com>
To: "dnsop@ietf.org" <dnsop@ietf.org>
Thread-Topic: [EXTERNAL] [DNSOP] I-D Action:
draft-ietf-dnsop-dns-tcp-requirements-05.txt
Thread-Index: AQHVkaiHMstqkTAfdE+fmU1aAK+sVad4c20A
Date: Sat, 2 Nov 2019 18:17:55 +0000
Message-ID: <D608BC6F-AD66-4A2A-AE4A-2D306F7FC05E@verisign.com>
References: <157271808929.6094.7926587135820341966@ietfa.amsl.com>
In-Reply-To: <157271808929.6094.7926587135820341966@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3445.9.1)
x-originating-ip: [10.170.148.18]
Content-Type: multipart/signed;
boundary="Apple-Mail=_060F6811-75BF-4F05-B810-BAC57DDCD4E4";
protocol="application/pkcs7-signature"; micalg=sha1
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/rFH6dI4hksa0Sz0danMKop9Yxvo>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-tcp-requirements-05.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>,
<mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>,
<mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Nov 2019 18:18:02 -0000
Hello dnsop, This draft has been updated with the following changes since -04: - added DNS-over-TLS to the abstract - added recent discussions about avoiding fragmentation in DNS - changed "SHOULD use TFO" to "MAY use TFO" due to concerns expressed in the WG - changed discussion of KSK rollover to past tense - added privacy consideration text - added a few new references The authors would like to take this draft to working group last call. DW > On Nov 2, 2019, at 1:08 PM, internet-drafts@ietf.org wrote: > > > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the Domain Name System Operations WG of the IETF. > > Title : DNS Transport over TCP - Operational Requirements > Authors : John Kristoff > Duane Wessels > Filename : draft-ietf-dnsop-dns-tcp-requirements-05.txt > Pages : 26 > Date : 2019-11-02 > > Abstract: > This document encourages the practice of permitting DNS messages to > be carried over TCP on the Internet. This includes both DNS over > unencrypted TCP, as well as over an encrypted TLS session. The > document also considers the consequences with this form of DNS > communication and the potential operational issues that can arise > when this best common practice is not upheld. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-dnsop-dns-tcp-requirements/ > > There are also htmlized versions available at: > https://tools.ietf.org/html/draft-ietf-dnsop-dns-tcp-requirements-05 > https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-dns-tcp-requirements-05 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-dns-tcp-requirements-05 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop
- [DNSOP] I-D Action: draft-ietf-dnsop-dns-tcp-requ… internet-drafts
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-tcp-… Wessels, Duane
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-tcp-… Giovane Moura
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-tcp-… Puneet Sood
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-tcp-… Wessels, Duane
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-tcp-… Paul Vixie
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-tcp-… Wessels, Duane