Re: [DNSOP] Working Group Last Call for: draft-ietf-dnsop-kskroll-sentinel

Joe Abley <> Fri, 06 April 2018 18:49 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C92711271DF for <>; Fri, 6 Apr 2018 11:49:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id uz1vi2zUzhzx for <>; Fri, 6 Apr 2018 11:49:20 -0700 (PDT)
Received: from ( [IPv6:2a00:1450:4010:c07::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id AAD7A126C22 for <>; Fri, 6 Apr 2018 11:49:19 -0700 (PDT)
Received: by with SMTP id v207-v6so1878186lfa.10 for <>; Fri, 06 Apr 2018 11:49:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google; h=from:mime-version:references:in-reply-to:date:message-id:subject:to :cc:content-transfer-encoding; bh=Ci+nIKdJF12DR3JfE1STy6gcWcgKCLQ0XxwWct4cvCI=; b=orP+EhLbWmEFkemaJFGXcpLR5toJHlmrVlIPO/IXiGCaDkak5p4j59SZ4VCbzSIwn0 dKoSMfo32MNNY6x/mPYKR01MqASTPco1Yn61VHe3Mj8aNARJJ0dcbbLyQbreUqQ4kvI9 E7MYn0c4kpEju8oXOhfO3lmsFb0QIm3SPXtqg=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:from:mime-version:references:in-reply-to:date :message-id:subject:to:cc:content-transfer-encoding; bh=Ci+nIKdJF12DR3JfE1STy6gcWcgKCLQ0XxwWct4cvCI=; b=uAHgsD9c9pMh5ZpqRZPZJu3vc39pgf12964qJCZOeFVo4Rf/8lBH5ADtEFTdFYWlzE UAyMxP5G2CwOa5ME94BID+Fh1Xy1cjU24EaWSbu4Y86LGTDCNdl5cppxk/EBn0b4ESH8 YLxcQzt+aTBh8fW4Zw+lCJ4Ucy2WAFGlwlCGJzFcmMZZBh2sexWUuQ+vF0ej/CrNzULA SQ4nyy2MckVW95zBEMKfP1T+Ts7CpzlFvnqxqtBkfDxpV1ldQuAZkp7btVqwnhjt5Yic 78TiHgShNzQVbe5qlKKo3JaFAWQkWb2x1jOoJZEihWKacbjBV3qaP+Enyy3yql4tcqm7 RniA==
X-Gm-Message-State: ALQs6tDjHqA1dmjkhSKQKN2RQh5T6PVi7rhW0eZ6MtO5yyAY5arPYbLx yMyuyPDVcn2CnRi756HWc473kO7tcKh8VNkv79uqLw==
X-Google-Smtp-Source: AIpwx4+aiRaaS9SJEKLqspD33//ETxJtoVx1/XVGjTcyEpbC9MCD0jroZFENJgUXTp7QptTsUezh1373E48bUFSNztc=
X-Received: by 2002:a19:4f5d:: with SMTP id a29-v6mr16620951lfk.97.1523040557842; Fri, 06 Apr 2018 11:49:17 -0700 (PDT)
Received: from unknown named unknown by with HTTPREST; Fri, 6 Apr 2018 11:49:17 -0700
From: Joe Abley <>
Mime-Version: 1.0 (1.0)
References: <> <> <>
In-Reply-To: <>
Date: Fri, 6 Apr 2018 11:49:17 -0700
Message-ID: <>
To: =?UTF-8?B?56We5piO6YGU5ZOJ?= <>
Cc: Job Snijders <>, tjw ietf <>, dnsop <>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <>
Subject: Re: [DNSOP] Working Group Last Call for: draft-ietf-dnsop-kskroll-sentinel
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 06 Apr 2018 18:49:22 -0000

On Apr 6, 2018, at 14:43, 神明達哉 <> wrote:

> At Thu, 05 Apr 2018 17:15:47 +0000,
> Job Snijders <> wrote:
>> While the chair notes awareness of the point I raised, I’d like the be
>> explicit to avoid any confusion.
>> This document is *not* ready for publication. There is no implementation
>> report available for review and consideration.
> (After reading other messages in this thread) I tend to agree.  Even
> after careful reviews of protocol text, an attempt of actually
> implementing it often reveals non-negligible issues that were
> overlooked in the review.

I think it's perhaps worth looking at this from the implementation
perspective, yes.

I don't doubt that we can expect close collaboration and testing
between APNIC Labs and the various resolver implementors, especially
given the experience with 8145.

If I'm right about that, it seems to me that (a) delaying the last
call to allow any unexpected issues with the specification to be
documented and (b) including details of the testing/compliance
criteria in the document for the benefit of future implementations are
both good ideas.

In other words, don't think of this as a constraint on publication but
rather an opportunity to make the document better without holding up