Re: [DNSOP] Working Group Last Call for: draft-ietf-dnsop-kskroll-sentinel

Warren Kumari <> Fri, 06 April 2018 12:38 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 45C24126DED for <>; Fri, 6 Apr 2018 05:38:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 72hnAt-o7ANE for <>; Fri, 6 Apr 2018 05:38:02 -0700 (PDT)
Received: from ( [IPv6:2a00:1450:400c:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 540211201FA for <>; Fri, 6 Apr 2018 05:38:02 -0700 (PDT)
Received: by with SMTP id r82so3155423wme.0 for <>; Fri, 06 Apr 2018 05:38:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=c6JmRr0zzLdPQWT4D7Mc1MeI4vAJQ1bjVDnMgVs5Rv8=; b=YhZnI72GF1mjFL3pjHf8qqOO/oJr2ik0O0bQQHlfJIWiv4BANcxorBIHQQim4RVVZa fm7jqpSdokWHym86p0be95NPTezSnoadmdmpJVnW1sCP8amD6TFsxBCX8onicYFTBfiH QpVP1Wa8Ubo6Vx9ApGAGho68lceu91mHYLvYBL1K8VgHaH3gkkkvOvz9t1XqNkeBfloM 73e5mcEYTdOOxJMzjiaQ/adib6SmyFp8IDCrb29Xxq+uSGT9cnAb48+PipVa3wIRyEIB lRA+PbzKa3X7+j6aq4Fxf9rFgANJtvGrfyooY7YD3JGKgpejMuEWPydHhkJZRk3ly2mY 31fQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=c6JmRr0zzLdPQWT4D7Mc1MeI4vAJQ1bjVDnMgVs5Rv8=; b=j2j7cFTZzUiNjjcnxmTmSnDLbXo0j+D+gJ+zSfuvfiCPbnrnqKl28Rg1KYlML5S2Rx GRIJGlL1pDdiv+vdtKId0krD/h4O3v5KxhD+liisr/l6+v19wWYo4lFSzN2g0QQgH89r CWyysGgziN5Ehs4g7oG/hvL57q2zPS5EqJzS/0GGG4y33nKhGu5lNK88Z4my/YsrDoEv R8HuYZ2bsVADfpc1YfL9VcqwICqBoHA+ptjtdmyVIN885uEHICBQa1SfQMMZsQXGOioN xb7DR4eIsASfYt8C7mBs8bxKvGwyQTEtOjEfNPYno+0O5GeofSLC5wN7s24bGX5vc6gd s6oA==
X-Gm-Message-State: AElRT7G6IuNe4YNdnkhCTNS/Jv8jRBuxQiRisked5cLy/WCwKVYuJaSP Ak7SR3jC8yhjPf+qQ0VLP20ytT3tYJooNRZyTIsAgA==
X-Google-Smtp-Source: AIpwx498jJMUk6TG0CDUqgT+2BqoJKWXPb3t9ztYxBouZfH8ZzKZGYc6vn+C7jA4nQBnqOOz0EBqolg9z1cb7DfovQI=
X-Received: by with SMTP id i77mr12489988wmc.46.1523018275898; Fri, 06 Apr 2018 05:37:55 -0700 (PDT)
MIME-Version: 1.0
Received: by with HTTP; Fri, 6 Apr 2018 05:37:15 -0700 (PDT)
In-Reply-To: <>
References: <> <>
From: Warren Kumari <>
Date: Fri, 6 Apr 2018 08:37:15 -0400
Message-ID: <>
To: Job Snijders <>
Cc: tjw ietf <>, dnsop <>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <>
Subject: Re: [DNSOP] Working Group Last Call for: draft-ietf-dnsop-kskroll-sentinel
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 06 Apr 2018 12:38:05 -0000

On Thu, Apr 5, 2018 at 1:15 PM, Job Snijders <> wrote:
> Hi all,
> While the chair notes awareness of the point I raised, I’d like the be
> explicit to avoid any confusion.
> This document is *not* ready for publication. There is no implementation
> report available for review and consideration.

[with absolutely no hats]

I get that you believe that this is wrong, but DNSOP currently has no
requirement for there to be an implementation report (nor for there to
be any implementations). The way to change this is by proposing that
this change (done), having the discussion (ongoing) and then having
the chairs declare consensus and that they will require this going
forward. It would also be useful for there to be clarity about what
exactly is required, and for what sort of documents (e.g how does one
implement attrleaf? or SUDN?), and when this would go into effect.

A number of people have told me that they wait until something becomes
an RFC before being willing implement it (some of this may be because
a significant number of adopted document have simply expired and not
been published) - suddenly requiring implementations is a large
change, and deciding it now and retroactively applying it to documents
which were about cooked seems a little unreasonable. I'd also note
that this somewhat disenfranchises participants who a: don't code and
/ or b: don't work for a vendor.

I'm (of course) fine if the WG / chairs decide that DNSOP needs
implementations before progressing documents, but your wording makes
it sound like you believe this this is already the case, and not
simply your (strong) preference.


> Should the working group produce an implementation report and demonstrate
> multiple implementations before April 15th, I’d ofcourse be willing to
> reconsider my position.
> Kind regards,
> Job
> On Thu, 5 Apr 2018 at 18:36, tjw ietf <> wrote:
>> After walking through the 168 emails on this draft in the inbox, I feel
>> we're ready to take this to WGLC.
>> (We are aware of the two points raised my Job and Paul)
>> This starts a Working Group Last Call for:
>> draft-ietf-dnsop-kskroll-sentinel
>> Current versions of the draft is available here:
>> The Current Intended Status of this document is: Proposed Standard
>> In the brushing of the camel, the draft is focused on determining if
>> a particular root key has been loaded into resolvers.
>> Please review the draft and offer relevant comments.
>> If this does not seem appropriate please speak out.
>> if someone feels the document is *not* ready for publication, please speak
>> out with your reasons.
>> This starts a two week Working Group Last Call process, and ends on:
>> 23:59 19 April 2018
>> thanks
>> tim
>> _______________________________________________
>> DNSOP mailing list
> _______________________________________________
> DNSOP mailing list

I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.