Re: [DNSOP] Empty Non-Terminal sentinel for Black Lies
"Hollenbeck, Scott" <shollenbeck@verisign.com> Wed, 28 July 2021 12:18 UTC
Return-Path: <shollenbeck@verisign.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0BFAC3A0C4D for <dnsop@ietfa.amsl.com>; Wed, 28 Jul 2021 05:18:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ORjT8nPoTSWJ for <dnsop@ietfa.amsl.com>; Wed, 28 Jul 2021 05:18:35 -0700 (PDT)
Received: from mail1.verisign.com (mail1.verisign.com [72.13.63.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 612623A0C4A for <dnsop@ietf.org>; Wed, 28 Jul 2021 05:18:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=11028; q=dns/txt; s=VRSN; t=1627474717; h=from:to:date:message-id:references:in-reply-to: mime-version:subject; bh=vVIvUn0v8QcztzRBS/Ty9+ut1CgqIsPLtLuF7zUyDAo=; b=JvT+vYJXExbRTAJTXGxexeT6u4SfjOCzTY+8HxPianwJhr0ry4xpnZTL noVIJMBZi6oXg7itphQQYwFWuWCJEpBbEwkgj+lsJYcaoCrOfyGw1vv1m h0Yjv4wStb1yGkuTQVQJxep3KGAg8Tz2o2rjpPZGgFRAay2dygG6S053V xtIeC06jmsTz7E9LsKwLHvvFiqCPWWwuBMQvl4Lhs1n3amu6uhLoBfTfA BxKXxEmRGsQ3FE8dHCuzGgmO0ZxG7aXqQhJIZ3PRMRmMarvTvfdq2XZOA ABEAi+3x2OsFahwXwtybdKP0sqv9ST7mX1Qn8Mu1Een1w27v+Uefl6THN Q==;
IronPort-SDR: IUrH0KeGV4/juf+JU9JzaHeqMH0z15JqwWmUtdo4g4Y7QYo+/2T0KOiGG3sqm7wD5CiQBS/9hq lIpWQ/FcMpw56zux+5sJzZzQULJmZB8WT3a4XvbUp33CvCT/r9gEYZdqBqva5Nx1Vu+akv2ROr 7pSVv1QG1Hi3MPEkzJmRB4rZzOCtdlX28FQA98C7K59BaW4Pvo9hIR93Yj+RUvLDJiCbYaEE+W dejy9dH6X6ov0qh090/Guym1XR2mvUzeR6BOME2ZtoTIpSLsYsU70bFXa3GajbiUys69tD6Kwg bbo=
IronPort-HdrOrdr: A9a23:OQ10pq3/Rr8E7px+o6ZK+gqjBIckLtp133Aq2lEZdPUMSL38qy ncpoV+6faUskdoZJhOo7G90cW7K080sKQFg7X5Xo3SJzUO2lHJEGgK1+KLqAEIWReOldK1vp 0NT0EKMrPN5C9B4voSjjPULz9q+qjhzEnhv5a5855Cd3ASV51d
X-IronPort-AV: E=Sophos;i="5.84,276,1620691200"; d="scan'208,217";a="9724508"
Received: from BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) by BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Wed, 28 Jul 2021 08:18:32 -0400
Received: from BRN1WNEX02.vcorp.ad.vrsn.com ([fe80::7c0a:1cc:5def:9dde]) by BRN1WNEX02.vcorp.ad.vrsn.com ([fe80::7c0a:1cc:5def:9dde%4]) with mapi id 15.01.2242.012; Wed, 28 Jul 2021 08:18:32 -0400
From: "Hollenbeck, Scott" <shollenbeck@verisign.com>
To: "shuque@gmail.com" <shuque@gmail.com>, "dnsop@ietf.org" <dnsop@ietf.org>
Thread-Topic: [EXTERNAL] [DNSOP] Empty Non-Terminal sentinel for Black Lies
Thread-Index: AQHXg0Ad9opVlZ6mM0+7+6ZiCnaBHatYTj+A
Date: Wed, 28 Jul 2021 12:18:32 +0000
Message-ID: <9982669d5cb245d692824bc1440d8496@verisign.com>
References: <CAHPuVdV6s1wM6Qc3uAhRQurVg2mMocRCTPmpVHHkBHW9FWV5Cg@mail.gmail.com>
In-Reply-To: <CAHPuVdV6s1wM6Qc3uAhRQurVg2mMocRCTPmpVHHkBHW9FWV5Cg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.170.148.18]
Content-Type: multipart/alternative; boundary="_000_9982669d5cb245d692824bc1440d8496verisigncom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/tt_G-Kx42ujPLfF9rA-iPYoMRTU>
Subject: Re: [DNSOP] Empty Non-Terminal sentinel for Black Lies
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Jul 2021 12:18:40 -0000
From: DNSOP <dnsop-bounces@ietf.org> On Behalf Of Shumon Huque Sent: Tuesday, July 27, 2021 7:35 PM To: dnsop@ietf.org WG <dnsop@ietf.org> Subject: [EXTERNAL] [DNSOP] Empty Non-Terminal sentinel for Black Lies Caution: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. Folks, While we have the attention of DNSOP folks this week, I'd like to ask for review of this draft (I meant to send it earlier in time for f2f discussion on Tuesday, but better late than never). https://datatracker.ietf.org/doc/html/draft-huque-dnsop-blacklies-ent-01<https://secure-web.cisco.com/1YTiuVe-DvVNG7ASvMGQwCQ_8P7vWlgGf0Klt0graLQOeSAlwlixroDJUbX3WZFF7Kn7TnRPBnnT3jfDtB2AfUYYX468YiRX2sIyZzlQ3sediqxtTR-XIa4_4vwDY4lHxuasRtJeUrqBhyMoNiLmj6rJ9J7ncpk8MebTabpy5-0YnN5-J-72HOg3al-8ffhW4wx4q0w-xItD3WtYcLR5vo2qQ2b7IBUstbtpTaDK8oHJ3o4RpCDp4Z16ClGXNxCvP/https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-huque-dnsop-blacklies-ent-01> Excerpt: Empty Non-Terminal Sentinel for Black Lies Abstract The Black Lies method of providing compact DNSSEC denial of existence proofs has some operational implications. Depending on the specific implementation, it may provide no way to reliably distinguish Empty Non-Terminal names from names that actually do not exist. This draft describes the use of a synthetic DNS resource record type to act as an explicit signal for Empty Non-Terminal names and which is conveyed in an NSEC type bitmap. [SAH] Something to consider: https://www.ietf.org/about/groups/iesg/statements/on-inclusive-language/ “The “black lies” term may get called into question. Scott
- [DNSOP] Empty Non-Terminal sentinel for Black Lies Shumon Huque
- Re: [DNSOP] Empty Non-Terminal sentinel for Black… Brian Dickson
- Re: [DNSOP] Empty Non-Terminal sentinel for Black… Shumon Huque
- Re: [DNSOP] Empty Non-Terminal sentinel for Black… Ralf Weber
- Re: [DNSOP] Empty Non-Terminal sentinel for Black… Shumon Huque
- Re: [DNSOP] Empty Non-Terminal sentinel for Black… Hollenbeck, Scott
- Re: [DNSOP] Empty Non-Terminal sentinel for Black… Shumon Huque
- Re: [DNSOP] Empty Non-Terminal sentinel for Black… Peter van Dijk
- Re: [DNSOP] Empty Non-Terminal sentinel for Black… Shumon Huque