Re: [DNSOP] Obsoleting DLV

Warren Kumari <warren@kumari.net> Tue, 02 July 2019 19:23 UTC

References: <56a4b9a1-6e80-be24-0852-fe3b91869f1e@pletterpet.nl>
In-Reply-To: <56a4b9a1-6e80-be24-0852-fe3b91869f1e@pletterpet.nl>
From: Warren Kumari <warren@kumari.net>
Date: Tue, 02 Jul 2019 12:23:25 -0700
Message-ID: <CAHw9_iJKnF7iqofM1AC-B61Tdq_SXJawawxtmcu1gBt6TkUOvQ@mail.gmail.com>
To: Matthijs Mekking <matthijs@pletterpet.nl>
Cc: "dnsop@ietf.org" <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/rc2yYMZf3vnxbL1AHuaEHX0QXbY>
Subject: Re: [DNSOP] Obsoleting DLV

On Tue, Jul 2, 2019 at 11:13 AM Matthijs Mekking <matthijs@pletterpet.nl>
wrote:

> Hi,
>
>
> A while back I was asked why BIND 9 still had code to do DLV. Good
> question, and we asked our users if they would mind if we remove the
> code. Almost everyone was okay with that.
>
> So ISC plans to deprecate the feature in BIND 9.  But also I think it is
> time to move the protocol to Historic status as a clear signal to
> everyone that it should no longer be implemented or deployed.
>
> Dan Mahoney cleared the only well-known DLV registry almost two years
> ago. Here's a draft with discussion why also the protocol should go
> away. We would like to hear what you think about it.
>

Yes please; DLV was a useful tool to get DNSSEC off the ground, but had
long outlived its usefulness, and is now just extra code to fail.

Rip it out,
W


>
> Best regards,
>
> Matthijs
>
>
> -------- Forwarded Message --------
> A new version of I-D, draft-mekking-dnsop-obsolete-dlv-00.txt
> has been successfully submitted by Matthijs Mekking and posted to the
> IETF repository.
>
> Name:     draft-mekking-dnsop-obsolete-dlv
> Revision: 00
> Title:    Moving DNSSEC Lookaside Validation (DLV) to Historic Status
> Pages:    5
> Status:
>
>   https://datatracker.ietf.org/doc/draft-mekking-dnsop-obsolete-dlv/
>
> Abstract:
>    This document obsoletes DNSSEC lookaside validation (DLV) and
>    reclassifies RFCs 4431 and 5074 as Historic.
>
-- 
I don't think the execution is relevant when it was obviously a bad idea in
the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair of
pants.
   ---maf