IETF Logo Mail Archive

Re: [DNSOP] [Gen-art] Genart last call review of draft-ietf-dnsop-multi-provider-dnssec-04

Alissa Cooper <alissa@cooperw.in> Thu, 09 April 2020 02:24 UTC

Return-Path: <alissa@cooperw.in>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 231293A040E; Wed, 8 Apr 2020 19:24:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.119
X-Spam-Level:
X-Spam-Status: No, score=-2.119 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cooperw.in header.b=CrqXmqKS; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=AeItBM5f
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W7bvgMWtv2kA; Wed, 8 Apr 2020 19:24:45 -0700 (PDT)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9F6E73A040B; Wed, 8 Apr 2020 19:24:45 -0700 (PDT)
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 07DE65C02E4; Wed, 8 Apr 2020 22:24:45 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Wed, 08 Apr 2020 22:24:45 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cooperw.in; h= from:message-id:content-type:mime-version:subject:date :in-reply-to:cc:to:references; s=fm2; bh=3lj2xx36GLCnz7u/yVoIhxV RWjxW5VZDshNYZVKqyqM=; b=CrqXmqKSMi/nruGIXHcSZGCioEN+0CoG2qITMLc UsSnmD1d6TCS8Bcj0fupWlicXR+CmBnXxwlc+c2Abx+sxWtWTvrIMaV6LSsVteew 7LACbpoK0ClAj8BZrrr67Dyx/rP6bT+7+mVi+1DR6xmiCAFX6Ym88qLw3I91K4v/ mGu9si7tEAauQ21EMVKY9sjheP2rMx8fvcyKF4Z7UmyZV/xSfeRhTo7SoYv9SlkW zgVWaaR5gYMOrwZpTOrHKah6t6/8sNfKt8YepdaGoTCWxEyFlJDTiP4bdyuc8Ltn 69uXqAVhB+BE85qtgHHA9xdmBdyDsWui9QNuTcFPT9JJxsA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=3lj2xx 36GLCnz7u/yVoIhxVRWjxW5VZDshNYZVKqyqM=; b=AeItBM5fasPexph/rbPXEY 9QFGr7f+RJ1qS/BOsfFM6/9E7kVQgjleSbOQ2jya34p0QcN9BFeXpVMx/rWyVjgD ek6ENLGFgXCgyqVkjbh8qUhZy0dQLqRVM1r/Sh2PVWNcolEQARejBZLxBA2bA7O8 tfvDj+2rw1n7srocYBDW4xcZ8q5VjQT+uPm9Z2J4IBMZceZlMN4nZzbStW35y1sc SziiVpm6L2UjyhUhdIaM228E/giIoHzGawKugClxfacUAdS9F3PXIErOg2VnmQDu Mx6zruYx+6oRnyU6zoLVNqAVFKYEvzua3Zso64+EW3c8Mr23agmPtSga+5FchXQg ==
X-ME-Sender: <xms:bIeOXrhdCCsm00zMXh76RUIyxmw0ponb5CN8ij77rhx0R3Qtr0sSNA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedrudekgdehhecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefhkfgtggfuffgjvfhfofesrgdtmherhhdtvdenucfhrhhomheptehlihhsshgr ucevohhophgvrhcuoegrlhhishhsrgestghoohhpvghrfidrihhnqeenucffohhmrghinh epihgvthhfrdhorhhgnecukfhppedujeefrdefkedruddujedrieejnecuvehluhhsthgv rhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomheprghlihhsshgrsegtohhoph gvrhifrdhinh
X-ME-Proxy: <xmx:bIeOXgp7scPL9TNQrO3WnkrGksS5xpbuK52mHifi_jF72gUJFvcC-w> <xmx:bIeOXigyOdd3yA6fvdruuSPCFbn27QCpP4kzyarNssurq5T5xT9kUg> <xmx:bIeOXiNmFcMb4elQPO1VA3oPl94eHNkY8zzDrSP9KePS8HmrtFqSzg> <xmx:bYeOXhl-nvCU10VCkbel0LhH3KpHYkIBkJ5MpcULJi96oRZsrapd4A>
Received: from rtp-alcoop-nitro2.cisco.com (unknown [173.38.117.67]) by mail.messagingengine.com (Postfix) with ESMTPA id 47C363280059; Wed, 8 Apr 2020 22:24:44 -0400 (EDT)
From: Alissa Cooper <alissa@cooperw.in>
Message-Id: <A8FFFA05-8D04-4841-AAB4-3413919EF5B5@cooperw.in>
Content-Type: multipart/alternative; boundary="Apple-Mail=_3A7DC45B-33F7-4CAB-B89F-F63374352C07"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.5\))
Date: Wed, 08 Apr 2020 22:24:41 -0400
In-Reply-To: <CAHPuVdWbd1_m2T5V9SYSrPVHC=EUfqdheWzXO_+DZBt0qx1ZpA@mail.gmail.com>
Cc: last-call@ietf.org, General Area Review Team <gen-art@ietf.org>, draft-ietf-dnsop-multi-provider-dnssec.all@ietf.org, "dnsop@ietf.org WG" <dnsop@ietf.org>
To: Shumon Huque <shuque@gmail.com>, Pete Resnick <resnick@episteme.net>
References: <158569260730.28393.8480449586046870268@ietfa.amsl.com> <CAHPuVdWbd1_m2T5V9SYSrPVHC=EUfqdheWzXO_+DZBt0qx1ZpA@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.9.5)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/uXMLkowLWF6Kjqxf-80RbquvB4c>
Subject: Re: [DNSOP] [Gen-art] Genart last call review of draft-ietf-dnsop-multi-provider-dnssec-04
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Apr 2020 02:24:47 -0000

Pete, thanks for your review. Shumon, thanks for your response. I entered a No Objection ballot.

Alissa


> On Mar 31, 2020, at 6:44 PM, Shumon Huque <shuque@gmail.com> wrote:
> 
> On Tue, Mar 31, 2020 at 6:10 PM Pete Resnick via Datatracker <noreply@ietf.org <mailto:noreply@ietf.org>> wrote:
> Document: draft-ietf-dnsop-multi-provider-dnssec-04
> Reviewer: Pete Resnick
> Review Date: 2020-03-31
> Summary: Ready.
> 
> Good to go. A straightforward document easy enough for this non-expert to get.
> Thanks to the shepherd for a straightforward writeup; it made the review even
> easier.
> 
> Hi Pete,
> 
> Thanks for your review.
> 
> 
> Major issues: None
> 
> Minor issues: None
> 
> Nits/editorial comments:
> 
> Just two comments, neither of them should stop progress on the document in any
> way:
> 
> 1. I could see this document being a BCP, since the advice in here seems pretty
> prescriptive. I think it will still be perfectly useful as an Informational
> document, but it does seem to have important operational advice.
> 
> When we first brought this work to DNSOP, I actually asked the same question.
> 
> The general consensus at that time was that since no-one had yet deployed
> these models in production, it was probably premature to portray it as a BCP
> (since the practice did not yet exist :-).
> 
> By now, we have had a number of prototype/test implementations, a
> production implementation by one major DNS vendor, as well 2 others in
> the pipeline. So there is more confidence that these models will be successfully
> deployed.
> 
> The easiest course of action in my view is to push it out as Informational, and
> as more operational experience is gained in the field, produce an updated
> document as a BCP.
> 
> 2. In section 3, it occurs to me that another thing you might add to the
> problem list is the issue of some servers caching BAD Data. Paul Hoffman was
> nice enough to point me to section 4.7 of RFC 4035. Perhaps a reference to
> there from this document would be useful.
> 
> I'm pondering a bit more about what to do with this suggestion. I agree it might
> be worth mentioning. Although I'm not sure there is any new behavior w.r.t. these
> models that needs to be highlighted.
> 
> Again, take them for what they're worth. If you decide not to do either, I feel
> the document could go forward as-is without a problem.
> 
> Thanks!
> Shumon Huque
> 
> _______________________________________________
> Gen-art mailing list
> Gen-art@ietf.org
> https://www.ietf.org/mailman/listinfo/gen-art

v2.23.0 | Report a Bug | By Email