Re: [DNSOP] Fwd: New Version Notification for draft-bellis-dnsop-xpf-01.txt
神明達哉 <jinmei@wide.ad.jp> Wed, 22 March 2017 01:12 UTC
Return-Path: <jinmei.tatuya@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3D111241FC for <dnsop@ietfa.amsl.com>; Tue, 21 Mar 2017 18:12:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.402
X-Spam-Level:
X-Spam-Status: No, score=-2.402 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.197, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id suCYQSVQ7srN for <dnsop@ietfa.amsl.com>; Tue, 21 Mar 2017 18:12:55 -0700 (PDT)
Received: from mail-qt0-x22d.google.com (mail-qt0-x22d.google.com [IPv6:2607:f8b0:400d:c0d::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9196D1287A3 for <dnsop@ietf.org>; Tue, 21 Mar 2017 18:12:55 -0700 (PDT)
Received: by mail-qt0-x22d.google.com with SMTP id x35so143895006qtc.2 for <dnsop@ietf.org>; Tue, 21 Mar 2017 18:12:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=Om1cCTy+4d1qXfM7gaf2coOA/0vQ6IW8NNOfmg7Y7lg=; b=JLGHLo4hPw/hxD6Yq7jNzWr+BkTjT3uYopcoePpqj7TuL7s8/4OCsYgo2XQu20b0Fi p551XQP/p2Szi/AF6jqggAr2Nd1qESKZ8akqfpZeQSiqJRHllAEeVIfcEhiTjPNpDv8U fMefdpAhsbOoGBF3uLuXL82/UFkAtsrlA97H/A1dqQdkb38qJrcoSjpU6UabDzSkpdfg o5L/bIH40DEYeO/yRBCygklzfKY2dWQKP0vUpogZb5hRY+4AO4XvjUHfJIfe0QWwMzck buI0Xl6s+EGYxvm2Zzwa7GBSyXtlo0UgMJO08vEU6wdTt479eeTP5WOWJL8KpKTiJs6c aYbg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=Om1cCTy+4d1qXfM7gaf2coOA/0vQ6IW8NNOfmg7Y7lg=; b=nnXCkvcsVGkGcpXEScdUNjxZoJRZef35QF9Ag6M7QSfoW7+mklAdHCCwh4hbtiHIq1 ao8Km+Omdf0C0OxCWVgciNJGWhBNUJekMrjQRm9TsGXlymVcAfa2zdgdN01kU21q8TRs QaLm+8SQrCcyyJB91JdMf+Z71o+ECJDrTmSI7TUxPVFe+mIQ/l/xN6/tuJdcAQ4Yhw4A 0bzKv8apoiTGxm/umL0aUBgnRe4PV1DCVObAo9jeJqyHpP6erqUxR6K8GDofNZTtSjOm PQ47PoyLk05JwH8O3nD8c/MLnKoZSQ5rBjlCpKO3nCQhRr8a4TuLZAb7EcAnet+fLkcL WGOQ==
X-Gm-Message-State: AFeK/H3oiglP+YeLyPFnWNIHoBfnsfIHcq9+4nV08uceWVuwdjbn6CX620q5yBbunCJnEi/fsFtoCzEZe8jhnQ==
X-Received: by 10.237.32.240 with SMTP id 103mr35519530qtb.93.1490145174487; Tue, 21 Mar 2017 18:12:54 -0700 (PDT)
MIME-Version: 1.0
Sender: jinmei.tatuya@gmail.com
Received: by 10.237.61.204 with HTTP; Tue, 21 Mar 2017 18:12:54 -0700 (PDT)
In-Reply-To: <484ebc0c-7286-3c80-564c-bf816600c4a4@isc.org>
References: <148396571329.24904.14128382959913441373.idtracker@ietfa.amsl.com> <484ebc0c-7286-3c80-564c-bf816600c4a4@isc.org>
From: 神明達哉 <jinmei@wide.ad.jp>
Date: Tue, 21 Mar 2017 18:12:54 -0700
X-Google-Sender-Auth: nBvrjbvyxPQ7UinuctocLyBr2xM
Message-ID: <CAJE_bqfNnPqbvaDpk1KDDxhS5wiEUqSSD-Od1L7vGpy3UK7VfQ@mail.gmail.com>
To: Ray Bellis <ray@isc.org>
Cc: dnsop <dnsop@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/tDPjZW93t7hS5zIWgXbbc149aCA>
Subject: Re: [DNSOP] Fwd: New Version Notification for draft-bellis-dnsop-xpf-01.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Mar 2017 01:12:58 -0000
On Mon, Jan 9, 2017 at 4:43 AM, Ray Bellis <ray@isc.org> wrote: > I've submitted a -01 revision to address most of the feedback received > so far. I have some minor comments on this version. - Section 3.1 IP Version: The IP protocol version number used by the client, as defined in the IANA IP Version Number Registry [IANA-IP]. Implementations MUST support IPv4 (4) and IPv6 (6). I suspect "IANA-IP" is defined as a 4-bit field simply because the version field of the IPv4 (and therefore IPv6) header is 4 bits. But I don't think this specification necessarily has to inherit the restriction, and while it's probably quite unlikely to see the need for more than 15 values, I also don't see why we have to be more future proof (at least we know "IPv10" is coming, right? :-). Although there's an unused 4 more bits, I think it's even better to have a 16-bit field and use address family numbers: https://www.iana.org/assignments/address-family-numbers/address-family-numbers.xhtml - Section 3.2 Proxies MUST append this option to each request packet received before sending it to the intended DNS server. This MUST sounds too strong to me as a general requirement. Unless the upstream server needs the information provided in this option, there should be no interoperability problem even without this option. - Section 3.3 When this option is received from a white-listed client the DNS server MUST (SHOULD?) use the address from the option contained therein in preference to the client's source IP address for any data processing logic that would otherwise depend on the latter. I think this paragraph needs some more clarification. I can easily imagine the server has an ACL that limits acceptable clients to those proxies. But in that case the server should actually "use" the client's source IP address. It's not a critical problem of the specification, but I think it's better to clarify the intended context to avoid such confusion of readers. -- JINMEI, Tatuya