Re: [DNSOP] Questions on draft-ietf-dnsop-delegation-only
John R Levine <johnl@taugh.com> Thu, 30 July 2020 23:59 UTC
Return-Path: <johnl@taugh.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 649603A1280
for <dnsop@ietfa.amsl.com>; Thu, 30 Jul 2020 16:59:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001,
SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key)
header.d=iecc.com header.b=x1QR/7ug;
dkim=pass (1536-bit key)
header.d=taugh.com header.b=bbtOKfrf
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id JAyDxrgU5c84 for <dnsop@ietfa.amsl.com>;
Thu, 30 Jul 2020 16:59:13 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com
[IPv6:2001:470:1f07:1126:0:43:6f73:7461])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 62D863A127D
for <dnsop@ietf.org>; Thu, 30 Jul 2020 16:59:12 -0700 (PDT)
Received: (qmail 57372 invoked from network); 30 Jul 2020 23:59:11 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com;
h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type;
s=e017.5f235ecf.k2007; i=johnl-iecc.com@submit.iecc.com;
bh=Lp6OOBkMqzn19pRMNX2PGGExEwp5BVbax16El4elzHg=;
b=x1QR/7ughTFpDqog4w+z/Y7Z6Qo6RMovFE0amJOd63UUjFeu4/cP+rhqUYgnIq7IkPgYjGRhk5y4KpDqbSPko5b2PIFeOtcKWpdQJe40ifKGWFW5vbCNQxoBgiN1+XEH0QKDu1IF9uDvX8C2hDjO+Yhs2ZkVTyoxrXT3Hoe43Hlu91GgiHpGJSe6fEX6g+C+xwbZfT7qgAMqtvfmkVV9Po+JAUQJwlMsPlaTNjPR92ybeh/xGklht0eDyBUov2fk
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com;
h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type;
s=e017.5f235ecf.k2007; olt=johnl-iecc.com@submit.iecc.com;
bh=Lp6OOBkMqzn19pRMNX2PGGExEwp5BVbax16El4elzHg=;
b=bbtOKfrfE4nx+G3S/ayu3QH7zqeaNIKQgnhNk/tVt+DNxaU/X9h3Z3TlKabh2EqTnLY7FtTgVqzQ4QsgxVmrlQhHaR9spql2K6NLbVdhhkahD1mEz9B9QrE0dUWyvqo1S+7KE19VFuhJxB8jEPytm+DvMHIqmb4p8PtO42LXQR0GSJQ5RNBiWzlildrIKlHvh2U6MHENhFKCQS+FqVPSVXBXPS80OWa2uxeF5mizc/xEBFcWqF8vip9RBHFfEN+f
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170])
by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170])
with ESMTPSA (TLS1.3 ECDHE-RSA AES-256-GCM AEAD, johnl@iecc.com) via TCP6;
30 Jul 2020 23:59:10 -0000
Date: 30 Jul 2020 19:59:09 -0400
Message-ID: <c878bcfd-4287-9592-5ab1-df6a5fe3acbb@taugh.com>
From: "John R Levine" <johnl@taugh.com>
To: "Tony Finch" <dot@dotat.at>
Cc: "Joe Abley" <jabley@hopcount.ca>, dnsop@ietf.org
In-Reply-To: <alpine.DEB.2.20.2007302306530.16320@grey.csi.cam.ac.uk>
References: <CAHbrMsDWR0Yf_66f7g6sYm5Wk5vg9avGnLLT2sqezHzJzK4qJw@mail.gmail.com>
<alpine.LRH.2.23.451.2007301253530.416340@bofh.nohats.ca>
<F16107A1-669C-41AD-9F59-1794C64B0737@hopcount.ca>
<alpine.LRH.2.23.451.2007301446380.418549@bofh.nohats.ca>
<rfv9s4$2mta$1@gal.iecc.com>
<alpine.DEB.2.20.2007302306530.16320@grey.csi.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/rXIocvwDmhNs-mggELkih0PFwNw>
Subject: Re: [DNSOP] Questions on draft-ietf-dnsop-delegation-only
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>,
<mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>,
<mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jul 2020 23:59:16 -0000
> If there are RRSIG(A) records in .com and .net there must have been a > policy change since 2010? Sorry, no, they're different. For all of the new TLDs they run they have some test delegations with name servers in the TLD: emt-ns1.emt-t-1113662392-1595861228527-2-sdojq.aol. 172800 in a 198.41.1.168 emt-ns1.emt-t-1113662392-1595861228527-2-sdojq.aol. 172800 in rrsig a 8 3 172800 20200804181604 20200728181604 32545 aol. h+iuDHDjmnr5a0egcjKDSiGxSyYe9O4UVJVOL8F3ttqwv31PnNnWyxFoa9k8gyGGBB6155jbJExvCY4KxqHqYPKylVw5Br/zfbFCfXD+wpMEmxHvQbRkDtK7AZBSLNunPl8gJ+WmywX8LVXhjobWCo9VGMogVKJz+cRcFKu/PY97fOzQbnNJBkF473zoPNX0Ct+2C/5QSEd5OYSIVfD2iA== emt-ns1.emt-t-1158551749-1595861079980-2-xo.aol. 172800 in a 198.41.1.126 emt-ns1.emt-t-1158551749-1595861079980-2-xo.aol. 172800 in rrsig a 8 3 172800 20200804175637 20200728175637 32545 aol. a4ij0JWJZlHXbPR+At9pYnTrWwpyFI12ubSnMmZ6PhlK4Sed5v64mzVy8QAmbgAtT2kNJqLW/weG4ZGHQDzN/oTYo2+NhLYpqf9/r1CBaX1V3As17lOSx5I7nm5aeKIupYnyMBb/h5NyxIh/7pbYT4fd+AtENKIt1Va+TAsZPBcL6a9dqcajRpnQ3Fx9Tq9QQJQC38sfHEK2X4fjRCF3/w== emt-ns1.emt-t-1737294735-1595858930228-2-jz.aol. 172800 in a 198.41.1.92 emt-ns1.emt-t-1737294735-1595858930228-2-jz.aol. 172800 in rrsig a 8 3 172800 20200804171915 20200728171915 32545 aol. FiTCAdK7jDWig2s0Y/duIsKuM86BOoe4jEcYLh9eEI1swnPKmUTWY9aM5xCFr9yqTlWHDz5cX3WzivizMqbhOa7LorQuIU359bh2z9FOk1MWZrhLUk5jhBW8tLT+Lj6lNe8rN4kmfVAU3ScBJ8X+pfALYACkoHdIuZs74fvspxiO/DF7EOH88mmyedyFiZA0NtOzN4lfFLDkPqUgKQL+8g== emt-ns1.emt-t-1919814529-1595856863287-2-rflv.aol. 172800 in a 198.41.1.111 emt-ns1.emt-t-1919814529-1595856863287-2-rflv.aol. 172800 in rrsig a 8 3 172800 20200804165227 20200728165227 32545 aol. WtEXPHu8fXQ3hDK6qVOmHbcRDMKsXTG2Q3qlJh10zyUCAFATsSvaZtHvmFZX60EvzB5H9qOATjmhd4ondDAoHwwS5+vn2Q8+Gtwl8lbMgv97OjtZTyf+KDKf7zsS+h7+rQtL8xOHSZp04uB6bTGscE7FoFVnXtGLC8efJPpGcIEvXtqx1CQMmA+OfY6Fkff6a0+qD3ZECCWtLbc/KI3pnw== emt-ns1.emt-t-2040593332-1595870898209-2-fjmc.aol. 172800 in a 198.41.1.65 emt-ns1.emt-t-2040593332-1595870898209-2-fjmc.aol. 172800 in rrsig a 8 3 172800 20200804215349 20200728215349 32545 aol. CKITWMU4hsaZz9sDYLPZOdnqPrGucEb82tPrFe7AUnsKC8uc20OwpaWBZsKiljm1J3khT7LuZFfLpvAC4Ma4c7DFXZBlJU0vwV4ONk5+M6+Ne+kiIYr8FfdAZy/UfgO0PYY0bqFYADINjxhAAcUPabgDQXmyjgHMLJmSXHibCWlD7rNhGbSYnHk2HYljhB3F5Qr5M/9JbgSXySq2XAdVQQ== emt-ns1.emt-t-320674882-1595861934204-2-ngoj.aol. 172800 in a 198.41.1.109 emt-ns1.emt-t-320674882-1595861934204-2-ngoj.aol. 172800 in rrsig a 8 3 172800 20200804183500 20200728183500 32545 aol. OFH8JEJioRiVjLm9eP2Dxgncj064Mevm9QAV0/Ybj8p0HhhEehlKvwazcTSCymLHN2eKiw8b9jN3Lfvpy2PEh2yXGM+GzJ5/eTLO0RLGV2PuaXYGiFbgze8j48ROw+W9FD7LdP33U2vGXwmn8aHaIAuCvzoIHQAUnDgKTJK9zQYzYj51Ltx0zFZGtibsafKwMvRI7fJcbJgApAJ89tjaSQ== emt-ns1.emt-t-645432105-1595875144963-2-p.aol. 172800 in a 198.41.1.80 emt-ns1.emt-t-645432105-1595875144963-2-p.aol. 172800 in rrsig a 8 3 172800 20200804233833 20200728233833 32545 aol. KVOc4xcORtulWDbaMxMBATKmBxPz2BKTozKsh9hWmxqAYuJviwRSfFDthojzIWc1rHJocAWTf/0pwQVhYvWeK1w5LH+4v33VxzGOlQKTBYr20etIgChS5JK7ohH4PsZPK0juk+1mvFHoD7DJYeGv3XIkXOEs4+cdsbIOD9hBnWh4OrihJdPGPZIzpiMG21Nplc5CFP+uOGbPZPtdqqdJEQ== emt-ns1.emt-t-706490806-1595861285174-2-gmk.aol. 172800 in a 198.41.1.117 emt-ns1.emt-t-706490806-1595861285174-2-gmk.aol. 172800 in rrsig a 8 3 172800 20200804182723 20200728182723 32545 aol. InRAqN/asgig+58aeUI4AqCP7QgMdK/Xr/5soEYRnvUdqXdD6s9vSqVDWhZzbdBNocKnoMo1WBiYUIMBvPoUGCMnAjCuKq5hze654pZAoiQYFatnE+AhNgkRqGdglvlSrP6ou7igOmPOAlMlEgmnwV3psVMJeaAdXI2Zx/460TLSYougRqS9/gCPf5hfinXiRpf4l2InnRypGU25ARapdw== > I don't know if other nameservers implement the same behaviour. AFAIK it > isn't possible to represent orphan glue in standard zone files or zone > transfers, so I think this is an ATLAS special. Nothing special there, orphan glue that isn't under a delegation is just an ordinary A record. I suppose they could do an nsec3 opt-out to provide a hint that it's intended to be glue, but who'd care? Regards, John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly
- [DNSOP] Questions on draft-ietf-dnsop-delegation-… Ben Schwartz
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Petr Špaček
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Paul Wouters
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Joe Abley
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Ben Schwartz
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Paul Wouters
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… John Levine
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Joe Abley
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Paul Wouters
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Joe Abley
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Paul Wouters
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Joe Abley
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Brian Dickson
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Joe Abley
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Paul Wouters
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Patrick Mevzek
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Patrick Mevzek
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Joe Abley
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Ben Schwartz
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Tony Finch
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… John R Levine
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Brian Dickson
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… John Levine
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Hugo Salgado
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Patrick Mevzek
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Paul Wouters
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… John Levine
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Paul Wouters
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Joe Abley
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Joe Abley
- Re: [DNSOP] draft-ietf-dnsop-delegation-only is s… John Levine
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Paul Wouters
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Paul Wouters
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Paul Wouters
- Re: [DNSOP] Questions on draft-ietf-dnsop-delegat… Ben Schwartz
- Re: [DNSOP] draft-ietf-dnsop-delegation-only is s… Viktor Dukhovni
- Re: [DNSOP] draft-ietf-dnsop-delegation-only is s… Paul Wouters
- Re: [DNSOP] draft-ietf-dnsop-delegation-only is s… Joe Abley
- Re: [DNSOP] draft-ietf-dnsop-delegation-only is s… John Levine
- Re: [DNSOP] draft-ietf-dnsop-delegation-only is s… Paul Wouters
- Re: [DNSOP] draft-ietf-dnsop-delegation-only is s… John R Levine