[DNSOP] Re: [Ext] Re: Call for Adoption: draft-davies-internal-tld
Mark Andrews <marka@isc.org> Thu, 01 May 2025 00:59 UTC
Return-Path: <marka@isc.org>
X-Original-To: dnsop@mail2.ietf.org
Delivered-To: dnsop@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 3128E236C8AD for <dnsop@mail2.ietf.org>; Wed, 30 Apr 2025 17:59:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.399
X-Spam-Level:
X-Spam-Status: No, score=-4.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (1024-bit key) header.d=isc.org header.b="Def9hzHo"; dkim=pass (1024-bit key) header.d=isc.org header.b="H+kA6iZ3"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6KLvG-Sk7cRB for <dnsop@mail2.ietf.org>; Wed, 30 Apr 2025 17:59:19 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [149.20.2.50]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id EAD19236C8A8 for <dnsop@ietf.org>; Wed, 30 Apr 2025 17:59:18 -0700 (PDT)
Received: from zimbrang.isc.org (zimbrang.isc.org [149.20.2.31]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx.pao1.isc.org (Postfix) with ESMTPS id 9D5B43AB37E; Thu, 01 May 2025 00:59:17 +0000 (UTC)
ARC-Filter: OpenARC Filter v1.0.0 mx.pao1.isc.org 9D5B43AB37E
Authentication-Results: mx.pao1.isc.org; arc=none smtp.remote-ip=149.20.2.31
ARC-Seal: i=1; a=rsa-sha256; d=isc.org; s=ostpay; t=1746061157; cv=none; b=iPGoPy/S7j3mHLnTFqsFonz/fRagHRry/xem5Fl/Nm0WX7ZgXd3hL8twKXxgqIfF0JDfLwnYgH8KDcBgolU/aTpBkPHGYrnPq+ms7bQ/2brjCg6nH3RJwCkePXHFBS2B5aqfnYywnH51skOZ0UZVJZZmc1ihCgO8FZyqFelsaQY=
ARC-Message-Signature: i=1; a=rsa-sha256; d=isc.org; s=ostpay; t=1746061157; c=relaxed/relaxed; bh=yMFj1dl/5vX7OKfSVvOItsIyzDNM6dKrbHN7MktOcdc=; h=DKIM-Signature:DKIM-Signature:Mime-Version:Subject:From:Date: Message-Id:To; b=dFXiGTctcq5Ze7UHcz6sOJOSMQZk4d4YIPnOtbni3Moa2x9GvqTdnemilXFjOrHUKjlrywu91OpszHiW+ONbwOL576/ie53nXMBIhQ6zbTyHptxiM5YQsF9mU5V0aTSUMCOoRk1XkcH5txrIS/DIXVsLKmV91ZHgB0UT63dKUhQ=
ARC-Authentication-Results: i=1; mx.pao1.isc.org
DKIM-Filter: OpenDKIM Filter v2.10.3 mx.pao1.isc.org 9D5B43AB37E
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=isc.org; s=ostpay; t=1746061157; bh=tNA7u8qJhySLASOJIViH4A5cpiLGjmj/ZlZYJ1I73oo=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=Def9hzHojSfma2bnowtgnlA6K5W+KqMiSUJCKfMnfNRrJMLDsFHnJZ68GSfUMG/EJ F2JNErilcsLByFOggkbcdrNLREb0R/A1Ne3dszQJbffBtO7VuREhAVa32CoSyZqN7T MJA2Y2pSutiyb0DjrNLn99n/YX+T54DmhR8sur2M=
Received: from zimbrang.isc.org (localhost.localdomain [127.0.0.1]) by zimbrang.isc.org (Postfix) with ESMTPS id 94ACC13848F6; Thu, 1 May 2025 00:59:17 +0000 (UTC)
Received: from localhost (localhost.localdomain [127.0.0.1]) by zimbrang.isc.org (Postfix) with ESMTP id 703B31384F76; Thu, 1 May 2025 00:59:17 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.10.3 zimbrang.isc.org 703B31384F76
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isc.org; s=05DFB016-56A2-11EB-AEC0-15368D323330; t=1746061157; bh=yMFj1dl/5vX7OKfSVvOItsIyzDNM6dKrbHN7MktOcdc=; h=Mime-Version:From:Date:Message-Id:To; b=H+kA6iZ3h4VsMr4TBtBttaX/pNiSePSHeodg0fMDJvqKCoCNo0hO/3ruuAXhXd60x ceJXSJS0Af5E7pvCPnVd721G8y51bCX/8I2Gbb8vyfB2Q5gbsA5xGquyyKnJpBG1fW wsc1wnvtBDtCE2RaXdN+KO/KPx98G7VORW1fdBwc=
Received: from zimbrang.isc.org ([127.0.0.1]) by localhost (zimbrang.isc.org [127.0.0.1]) (amavis, port 10026) with ESMTP id 0VdztNnu38Tz; Thu, 1 May 2025 00:59:17 +0000 (UTC)
Received: from smtpclient.apple (n49-187-18-238.bla1.nsw.optusnet.com.au [49.187.18.238]) by zimbrang.isc.org (Postfix) with ESMTPSA id AD39513848F6; Thu, 1 May 2025 00:59:16 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6.1.10\))
From: Mark Andrews <marka@isc.org>
In-Reply-To: <1359A8E4-E436-4EC5-B5C7-E0713A3E8182@icann.org>
Date: Thu, 01 May 2025 10:59:04 +1000
Content-Transfer-Encoding: quoted-printable
Message-Id: <B080C29F-9086-4E08-A277-37835AAB8A2D@isc.org>
References: <m1u5h1G-0000LcC@stereo.hq.phicoh.net> <83666fd3-a51f-46e1-a5ac-0b9a46361480@desec.io> <49E3B1B6-E960-4A46-9C5D-2721FD57132D@depht.com> <3b5fb9e7-8a2b-420f-a2fb-dd6f6a0b88ae@isc.org> <89047B78-A2B1-43F2-A996-94DF1E90538A@depht.com> <cc84f69c-c349-4d91-b942-80221b564a9b@isc.org> <ac48e27d-479f-42f3-b87f-891220ef2fe8@app.fastmail.com> <BE721880-6254-48F4-9F91-567A99E0511B@icann.org> <m1u7asT-0000MtC@stereo.hq.phicoh.net> <01E23110-9A50-4187-8A54-34D514504F9B@strandkip.nl> <3A48CBC3-B55B-4FCF-B713-A7CA4C7BB7CC@strandkip.nl> <8E36C1B8-C67B-4704-9E3B-7143863E2262@icann.org> <87f219df-34f0-48fa-89cf-8cb8300c86c2@app.fastmail.com> <1359A8E4-E436-4EC5-B5C7-E0713A3E8182@icann.org>
To: Paul Hoffman <paul.hoffman@icann.org>
X-Mailer: Apple Mail (2.3731.700.6.1.10)
Message-ID-Hash: J3W6QDA4CE3I6S7OR4A6BR3MBVU6WPBF
X-Message-ID-Hash: J3W6QDA4CE3I6S7OR4A6BR3MBVU6WPBF
X-MailFrom: marka@isc.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dnsop.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Ted Lemon <mellon@fugue.com>, "dnsop@ietf.org WG" <dnsop@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [DNSOP] Re: [Ext] Re: Call for Adoption: draft-davies-internal-tld
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/wigHZRpCO8b7t4NYPXB7Gz7SMI8>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Owner: <mailto:dnsop-owner@ietf.org>
List-Post: <mailto:dnsop@ietf.org>
List-Subscribe: <mailto:dnsop-join@ietf.org>
List-Unsubscribe: <mailto:dnsop-leave@ietf.org>
> On 1 May 2025, at 03:34, Paul Hoffman <paul.hoffman@icann.org> wrote: > > On Apr 30, 2025, at 10:21, Ted Lemon <mellon@fugue.com> wrote: >> >> The reason to do an insecure delegation is so that the public dns doesn’t securely deny the existence of the zone. If there is a secure denial of existence, a validating stub resolver will not use responses from the local resolver because they will be bogus. > > This seems to be talking about a validating stub resolver that is configured to also get answers from a particular recursive resolver, yes? > > 1) Wouldn't the stub get two conflicting NS records for .internal, one from the root itself and the other from the recursive? All attempts for lookups would have a 50% chance of going to the blackhole nameserver. No. The delegating NS records in the root zone are NOT signed. Do you think the billions of sites using RFC 1918 addresses have problems with the insecure delegations that are there today in the reverse tree to break the chain of trust? To see the delegation in the parent zone the resolver has to be iteratively resolving records rather than recursively resolving records. [ant:~/git/bind9] marka% dig ns 10.in-addr.arpa +dnssec ;; BADCOOKIE, retrying. ; <<>> DiG 9.21.3-dev <<>> ns 10.in-addr.arpa +dnssec ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44229 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 1232 ; COOKIE: f15bbe2795c08317010000006812c3125f61f3dfa4e8ea4e (good) ;; QUESTION SECTION: ;10.in-addr.arpa. IN NS ;; ANSWER SECTION: 10.in-addr.arpa. 0 IN NS 10.IN-ADDR.ARPA. ;; Query time: 1 msec ;; SERVER: ::1#53(::1) (UDP) ;; WHEN: Thu May 01 10:40:50 AEST 2025 ;; MSG SIZE rcvd: 101 [ant:~/git/bind9] marka% And the non existence of the DS is still returned to the stub resolver. [ant:~/git/bind9] marka% dig ds 10.in-addr.arpa +dnssec +dnssec ;; BADCOOKIE, retrying. ; <<>> DiG 9.21.3-dev <<>> ds 10.in-addr.arpa +dnssec +dnssec ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60699 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 1232 ; COOKIE: 5de0cb91487dbfb5010000006812c3e2ef83fa391f148a11 (good) ;; QUESTION SECTION: ;10.in-addr.arpa. IN DS ;; AUTHORITY SECTION: 10.in-addr.arpa. 3388 IN RRSIG NSEC 8 3 3600 20250511163543 20250420083053 60795 in-addr.arpa. Cvr6CJVbRZkFkfwike1PrZkGW7L6Gf8dlm83tKzC6TawwDRM3UR6IDPB XGMNaSEtQtSTlHGOEGNC5TxwEeT1S4UehdCIwoYmL6TdGNZzMTJt5P/J 05aPnTURubTCzrleifciIj9Tz45E76LZTBpin+4d/TV/2q/VWfoSq2mn KCQ= 10.in-addr.arpa. 3388 IN NSEC 100.in-addr.arpa. NS RRSIG NSEC in-addr.arpa. 3388 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2024122939 1800 900 604800 3600 in-addr.arpa. 3388 IN RRSIG SOA 8 2 3600 20250521144508 20250430221516 60795 in-addr.arpa. EG7fNJr8rTltWvD45QUwwqjNP0KT+YZ223rTTa/yhJZU+tazVMEF2lqt GKbb2yYuh2LNn8lF6ersUpa6s9+G4Tro9GR7Fwb5wNWujtfwJuX2wY93 MQxvbUDyuKyiSET4rKhEHJfQ6UiijzGnMmExV90rsvYjIHhxEWuENLp8 8+4= ;; Query time: 0 msec ;; SERVER: ::1#53(::1) (UDP) ;; WHEN: Thu May 01 10:44:18 AEST 2025 ;; MSG SIZE rcvd: 522 [ant:~/git/bind9] marka% Now if I ask dig to follow the delegations from the root servers we see the public NS records. [ant:~/git/bind9] marka% dig ns 10.in-addr.arpa +dnssec +trace ; <<>> DiG 9.21.3-dev <<>> ns 10.in-addr.arpa +dnssec +trace ;; global options: +cmd . 518400 IN NS f.root-servers.net. . 518400 IN NS b.root-servers.net. . 518400 IN NS l.root-servers.net. . 518400 IN NS k.root-servers.net. . 518400 IN NS a.root-servers.net. . 518400 IN NS i.root-servers.net. . 518400 IN NS e.root-servers.net. . 518400 IN NS d.root-servers.net. . 518400 IN NS h.root-servers.net. . 518400 IN NS m.root-servers.net. . 518400 IN NS j.root-servers.net. . 518400 IN NS c.root-servers.net. . 518400 IN NS g.root-servers.net. . 518400 IN RRSIG NS 8 0 518400 20250513200000 20250430190000 53148 . gYUFYPeP+ivkATy61CKvIg6vzgdmszKa8BPlF7BlRtQxUkiwK5urmwEF doUjIg6ixKLHxm6krGGlRkbU0EBHNJTWCgBbnDUnEs6ZnFU4EJ3P81bv Cl4WvghzLa0KXVlxGI1IpYltd0Tc8NVSXa+aZp517MVD2PHSM5Vorgx5 n1j1a7dy5A/r2r9CU9ZL/S6aCzwwaGFoz8trPwrNx+elgnWld98EQqf6 S/PTlt/1djebVCsAFLWs4/b3x5N82ihNIqZx3FP0VBD0758592s1Jq7z zPOuTijXIGC57lMoqioF4R56v+I8khR6YcTU/U5eJFyIlEBNk9TN1+Lq KfD3uw== ;; Received 1125 bytes from ::1#53(::1) in 7 ms in-addr.arpa. 172800 IN NS a.in-addr-servers.arpa. in-addr.arpa. 172800 IN NS f.in-addr-servers.arpa. in-addr.arpa. 172800 IN NS c.in-addr-servers.arpa. in-addr.arpa. 172800 IN NS d.in-addr-servers.arpa. in-addr.arpa. 172800 IN NS e.in-addr-servers.arpa. in-addr.arpa. 172800 IN NS b.in-addr-servers.arpa. in-addr.arpa. 86400 IN DS 53696 8 2 13E5501C56B20394DA921B51412D48B7089C5EB6957A7C58553C4D4D 424F04DF in-addr.arpa. 86400 IN DS 47054 8 2 5CAFCCEC201D1933B4C9F6A9C8F51E51F3B39979058AC21B8DF1B1F2 81CBC6F2 in-addr.arpa. 86400 IN DS 63982 8 2 AAF4FB5D213EF25AE44679032EBE3514C487D7ABD99D7F5FEC3383D0 30733C73 in-addr.arpa. 86400 IN DS 54956 8 2 E0E2BF5CFBD66572CA05EC18267D91509BA6A9405AF05C3FD4141DFA 45200C08 in-addr.arpa. 86400 IN RRSIG DS 8 2 86400 20250513180000 20250430170000 37615 arpa. fUTcSc+mYY4L0mvp2SUgR2dVFc/j6UbeXj/tNDB2WG9SPF8ZFss9vsiN YzAtahnDKGeQ7lujlizujwDvuilx1vIOk8+9VVC5dq579WjMBRZL6rR2 c5mvEgHTnRIRWYZpGAAHSotiekifLBmWYZbl78K4iRc5iUfnRzsT5ZHC B2NvTAYFp5jDHZ7DZ2fAib6fnw3qGHtrmy5TrQFUqPAPjAOn3+yl2ibB BoEokvi0sjfak5zSySJFd3pVIR1pkA48t1sUuLbZLJY7rcmfuM26zXqU CEzv9x/LzkIetMGANRF3BK8VK1c5ax3pffkWOHbVfDjiiIQp5d7Rn98s 48Bxkw== ;; Received 936 bytes from 192.112.36.4#53(g.root-servers.net) in 279 ms 10.in-addr.arpa. 86400 IN NS blackhole-1.iana.org. 10.in-addr.arpa. 86400 IN NS blackhole-2.iana.org. 10.in-addr.arpa. 3600 IN NSEC 100.in-addr.arpa. NS RRSIG NSEC 10.in-addr.arpa. 3600 IN RRSIG NSEC 8 3 3600 20250511163543 20250420083053 60795 in-addr.arpa. Cvr6CJVbRZkFkfwike1PrZkGW7L6Gf8dlm83tKzC6TawwDRM3UR6IDPB XGMNaSEtQtSTlHGOEGNC5TxwEeT1S4UehdCIwoYmL6TdGNZzMTJt5P/J 05aPnTURubTCzrleifciIj9Tz45E76LZTBpin+4d/TV/2q/VWfoSq2mn KCQ= ;; Received 342 bytes from 2620:37:e000::53#53(a.in-addr-servers.arpa) in 301 ms 10.in-addr.arpa. 604800 IN NS blackhole-2.iana.org. 10.in-addr.arpa. 604800 IN NS blackhole-1.iana.org. ;; Received 104 bytes from 2620:4f:8000::6#53(blackhole-1.iana.org) in 298 ms [ant:~/git/bind9] marka% One can do similar with D.F.IP6.ARPA for ULA reverse space. > 2) Wouldn't having an insecure delegation in the root prevent the recursive from signing .internal itself because the root responds with an NSEC proving there cannot be a DS? It doesn’t prevent them signing the stub .internal zone. It prevents the validator validating as secure responses from .internal. Note there is no point in signing the public .internal instance the same way as we don’t sign the public 10.in-addr.arpa instances. [ant:~/git/bind9] marka% dig ns 10.in-addr.arpa @blackhole-2.iana.org +dnssec ; <<>> DiG 9.21.3-dev <<>> ns 10.in-addr.arpa @blackhole-2.iana.org +dnssec ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62526 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 1232 ;; QUESTION SECTION: ;10.in-addr.arpa. IN NS ;; ANSWER SECTION: 10.in-addr.arpa. 604800 IN NS blackhole-1.iana.org. 10.in-addr.arpa. 604800 IN NS blackhole-2.iana.org. ;; Query time: 13 msec ;; SERVER: 192.175.48.42#53(blackhole-2.iana.org) (UDP) ;; WHEN: Thu May 01 10:52:45 AEST 2025 ;; MSG SIZE rcvd: 104 [ant:~/git/bind9] marka% > Again, I could be missing something, but it seems that both of those would hurt the validating stub resolver. A validating stub resolver could instead easily be configured with the trust anchor for the recursive resolver it is configured for. Recursive resolvers don’t have trust anchors. Domain names have trust anchors. And no it isn’t easy to setup different trust anchor based on location. We have no protocol for it. Devices move between sites. > --Paul Hoffman > > _______________________________________________ > DNSOP mailing list -- dnsop@ietf.org > To unsubscribe send an email to dnsop-leave@ietf.org -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
- [DNSOP] Call for Adoption: draft-davies-internal-… Benno Overeinder
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Loganaden Velvindron
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Wessels, Duane
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Manu Bretelle
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Karim Attoumani Mohamed
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Geoff Huston
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Joe Abley
- [DNSOP] Re: Call for Adoption: draft-davies-inter… S Moonesamy
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Benno Overeinder
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Joe Abley
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… tojens.ietf
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Warren Kumari
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Petr Špaček
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… David Conrad
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… David Conrad
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Joe Abley
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Philip Homburg
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Jim Reid
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Ben Schwartz
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Wessels, Duane
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Jim Reid
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Jim Reid
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Karl Dyson
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Shumon Huque
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Karl Dyson
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Wessels, Duane
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Peter Thomassen
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Philip Homburg
- [DNSOP] Re: Call for Adoption: draft-davies-inter… John R Levine
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Philip Homburg
- [DNSOP] Re: Call for Adoption: draft-davies-inter… John R Levine
- [DNSOP] Re: Call for Adoption: draft-davies-inter… John R Levine
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Philip Homburg
- [DNSOP] Re: Call for Adoption: draft-davies-inter… John Levine
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Andrew McConachie
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Philip Homburg
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Petr Špaček
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Philip Homburg
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Paul Hoffman
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Jim Reid
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… S Moonesamy
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Kim Davies
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Dave Lawrence
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Michael De Roover
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Joe Abley
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Philip Homburg
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Paul Hoffman
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Peter Thomassen
- [DNSOP] Re: DNSOP[Ext] Re: Call for Adoption: dra… Wes Hardaker
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Paul Hoffman
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Ted Lemon
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Joe Abley
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Joe Abley
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Joe Abley
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Ted Lemon
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Ted Lemon
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Roy Arends
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… David Conrad
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Philip Homburg
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Joe Abley
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Ben Schwartz
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Roy Arends
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Roy Arends
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… John Levine
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Michael De Roover
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Ben Schwartz
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Paul Hoffman
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Petr Špaček
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Philip Homburg
- [DNSOP] Re: [EXTERNAL] Re: [Ext] Re: Call for Ado… Suzanne Woolf
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… David Conrad
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Philip Homburg
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Ted Lemon
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Suzanne Woolf
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Joe Abley
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Philip Homburg
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Andrew McConachie
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Mark Andrews
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Andrew McConachie
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Joe Abley
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Mark Andrews
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Joe Abley
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Peter Thomassen
- [DNSOP] Re: DNSOPCall for Adoption: draft-davies-… Wes Hardaker
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Ted Lemon
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Warren Kumari
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Paul Hoffman
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Paul Hoffman
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Michael De Roover
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Joe Abley
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… David Conrad
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… David Conrad
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Jim Reid
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Petr Špaček
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Joe Abley
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… David Conrad
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Philip Homburg
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… Karl Dyson
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Michael De Roover
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… John Levine
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Joe Abley
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Wessels, Duane
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Paul Hoffman
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Philip Homburg
- [DNSOP] Re: DNSOP[Ext] Re: Call for Adoption: dra… John R Levine
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Kevin P. Fleming
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Philip Homburg
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Ted Lemon
- [DNSOP] Re: what problem are we trying to solve, … John Levine
- [DNSOP] Re: [Ext] Re: what problem are we trying … Paul Hoffman
- [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: dra… John R Levine
- [DNSOP] Re: [EXTERNAL] Re: [Ext] Re: Call for Ado… Paul Hoffman
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Libor Peltan
- [DNSOP] Re: [Ext] Re: what problem are we trying … Mark Andrews
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Ted Lemon
- [DNSOP] Re: [Ext] Re: what problem are we trying … Ted Lemon
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Geoff Huston
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… John Levine
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Paul Hoffman
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Shumon Huque
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Mark Andrews
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Michael De Roover
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Ted Lemon
- [DNSOP] Re: Call for Adoption: draft-davies-inter… John Levine
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… John Levine
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… John Levine
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Andrew Sullivan
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Peter Thomassen
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Michael De Roover
- [DNSOP] Re: what problem are we trying to solve, … John R Levine
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Philip Homburg
- [DNSOP] Re: Call for Adoption: draft-davies-inter… John R Levine
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Michael De Roover
- [DNSOP] Re: what problem are we trying to solve, … Ted Lemon
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Philip Homburg
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Paul Hoffman
- [DNSOP] Re: Call for Adoption: draft-davies-inter… John R Levine
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Ted Lemon
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Michael De Roover
- [DNSOP] Re: what problem are we trying to solve, … Philip Homburg
- [DNSOP] Re: [Ext] Re: what problem are we trying … Paul Hoffman
- [DNSOP] Re: Call for Adoption: draft-davies-inter… Benno Overeinder
- [DNSOP] Re: [Ext] Re: what problem are we trying … Petr Špaček
- [DNSOP] Re: [Ext] Re: what problem are we trying … Ted Lemon
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Mark Andrews
- [DNSOP] Re: [Ext] Re: what problem are we trying … Ted Lemon
- [DNSOP] Re: [Ext] Re: what problem are we trying … John Levine
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Jim Reid
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Joe Abley
- [DNSOP] Re: [Ext] Re: what problem are we trying … Joe Abley
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Mark Andrews
- [DNSOP] Re: [Ext] Re: what problem are we trying … Ted Lemon
- [DNSOP] Re: [Ext] Re: what problem are we trying … Petr Špaček
- [DNSOP] Re: [Ext] Re: what problem are we trying … John Levine
- [DNSOP] Re: [Ext] Re: what problem are we trying … Mark Andrews
- [DNSOP] Re: [Ext] Re: what problem are we trying … John R Levine
- [DNSOP] Re: [Ext] Re: what problem are we trying … Mark Andrews
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Ben Schwartz
- [DNSOP] Re: [Ext] Re: what problem are we trying … Benno Overeinder
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Paul Hoffman
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Philip Homburg
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Philip Homburg
- [DNSOP] Re: [Ext] Re: what problem are we trying … Brian Dickson
- [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Ado… Petr Špaček
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Joe Abley
- [DNSOP] Re: [Ext] Re: Call for Adoption: draft-da… Ted Lemon