IETF Logo Mail Archive

Re: [DNSOP] CDS/CDNSKEY Deployment

Moritz Müller <moritz.muller@sidn.nl> Fri, 14 January 2022 07:00 UTC

Return-Path: <moritz.muller@sidn.nl>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E46DF3A1CC0 for <dnsop@ietfa.amsl.com>; Thu, 13 Jan 2022 23:00:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sidn.nl
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DSEhAacHDTxH for <dnsop@ietfa.amsl.com>; Thu, 13 Jan 2022 23:00:40 -0800 (PST)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70070.outbound.protection.outlook.com [40.107.7.70]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5A6093A1CBF for <dnsop@ietf.org>; Thu, 13 Jan 2022 23:00:40 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QnuBcoItjS4n885pGqXJQaDINPeZSBGKGepw/anoOk1+W/79BDQ+yjBR8qaJDIcVnGFDT7ESeXiij9Uv6ST2RAhwcDWMXff4WDazYLNs6MzHc9OefDTbtzKASWECNQih2NhT0ACKwQUnjAg3HrZiAiJNeW5IuejNlWEk5+uhQVxvzdIYqzIvmQCaHishDYMl+FfaNsM2qzxKUEujYQobioYGpa2i7pQ4eGr0xQtWD4j/I1TT4tuSi2nABjg5xlPrjJhpX+X3N+DlvLD8fzgcIwL+o2j9JgQvK8KoyqgE8JgyQjiQ8xLnD8DzfhJxOkE/MOse6l8a/58MBu80/O8FuQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gAMVkhcMOGAF4bbLn/PmrG2lYFRMt9MEkdQqTRcHgVA=; b=PnX7dqbqk+6UqGhfhhgtM4VgdusGuLaB4dioRrcn2qm4IsZKJceEruqnVcqho0D3DBeaSwb+V6q3s1Yg+tiFbODWmGQdRhOOC/pbacQIdE+lEG8IsQVCVQJTRZ4WfXGOEz5LCRrMAzML3Zt9AJKPL9iBrAqk+VhtMi1zdJ1XpEDMoE1w3oxpm0mGCEu86wrBKSU9i+P/4XWOOpx0kOhjqTxcL8meBl7FbSUhvrDR1GJbvDwePfbGIVcE5QdSVd5ZePnxXhYtB0Yncq61E7dxRRjZRgzHd998rAh/SYKY6oi/eQWm55oCabd/w5par6ntloqsE5QRwgOqVvNq2V/wjQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=sidn.nl; dmarc=pass action=none header.from=sidn.nl; dkim=pass header.d=sidn.nl; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sidn.nl; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gAMVkhcMOGAF4bbLn/PmrG2lYFRMt9MEkdQqTRcHgVA=; b=mlGabAVWLyeQDMeh7/g3OmE9jOtNQBRldDUoBYeKihXEkYRzRjD2Yf28cJDvEa6loaEENAb6+90gg1PxDpbm17WYShnwkXyMBulzHk6/okPCKPTHKIb0FVB57Mx538FyVNaNsEwSeu4yfMOpKjqS15tfpqMv+eDbqIqIesTGWew=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=sidn.nl;
Received: from AM8P194MB1514.EURP194.PROD.OUTLOOK.COM (2603:10a6:20b:3d9::20) by AM0P194MB0402.EURP194.PROD.OUTLOOK.COM (2603:10a6:208:63::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4888.10; Fri, 14 Jan 2022 07:00:33 +0000
Received: from AM8P194MB1514.EURP194.PROD.OUTLOOK.COM ([fe80::29dc:c703:b98c:88a3]) by AM8P194MB1514.EURP194.PROD.OUTLOOK.COM ([fe80::29dc:c703:b98c:88a3%6]) with mapi id 15.20.4888.012; Fri, 14 Jan 2022 07:00:33 +0000
Content-Type: multipart/signed; boundary="Apple-Mail=_75FFE9F7-EB2C-4307-8844-69696001EB40"; protocol="application/pgp-signature"; micalg="pgp-sha256"
From: Moritz Müller <moritz.muller@sidn.nl>
In-Reply-To: <75c4bcad-ce70-3d08-8f3a-d123a0603a31@switch.ch>
Date: Fri, 14 Jan 2022 08:00:32 +0100
Cc: Eric Rescorla <ekr@rtfm.com>, dnsop WG <dnsop@ietf.org>
Message-Id: <3CEC66C4-1167-44F9-835B-43C3771BC15E@sidn.nl>
References: <CABcZeBMrRDqgCbNAAL=zjRqNZ-u8orw0G_2Wk5kZjxhR8WKnxw@mail.gmail.com> <eb5b99f1-9e4b-537d-097a-635816458f1b@switch.ch> <75c4bcad-ce70-3d08-8f3a-d123a0603a31@switch.ch>
To: Daniel Stirnimann <daniel.stirnimann@switch.ch>
X-Mailer: Apple Mail (2.3693.20.0.1.32)
X-ClientProxiedBy: AM9P193CA0027.EURP193.PROD.OUTLOOK.COM (2603:10a6:20b:21e::32) To AM8P194MB1514.EURP194.PROD.OUTLOOK.COM (2603:10a6:20b:3d9::20)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 0365862a-1062-4da2-863d-08d9d72b8f07
X-MS-TrafficTypeDiagnostic: AM0P194MB0402:EE_
X-Microsoft-Antispam-PRVS: <AM0P194MB040213F7C05F313331FBA34FF0549@AM0P194MB0402.EURP194.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:8882;
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 0/z5O/NiY8WrQdIUK2mxTDvvaiWkPA1MqTou9s3YYA1jLIhDPTa7pFwykvcn4ip1mQSpDHNhDw3e0QfSAaICbhNafZevzRwKQZXULhKhCXXQWm05C6WRzjVwwj4LGqAWJ3FxeM5fTnNJR7jizmdp54cbJ8J+Ret5GDLNMJa/lrNqtSvcC+CiL6+MlAGRuQaTPVaOB4l5yGp8MyeSfaXHzANZfDxjlnQB5f/K6FpCzdR4WzWqLVeaE2yA0U4pdrwa2nQSIhB/f6EUulvogK4uuzA9LPEF8tPf8XD2kD7QNwlEKiSdEgPOBcJWzEpwJs6zFqWHyTzt0wAYW76eC+qLW4xwHO28wAcKkJqsGSuoARcorp/il4FRmYayx/utFBuUsnpIQF0jrHhyj46drGjnS4naU99wSOsc4k90DufDlCs25+WCC8+xv1DHFbVNzgV5pqzVkOSJEAwauOB1Gi3BC/4DTTAB8INMwvJmSP6hJ6Zi0S8Viq+B6EIOZWEdkEH5/Vv1P6GGE4hTAPDiXE0+YS1Y922fRd369OF2Gbd3AijvL1Eg+kXRvF5a1Jc5pLkId5eV1Yu6cCeLt1mRDe9tZcC/PYPuoiQ1mwnjkL+GRXC+ATsi3utCt6zfvdr1UwuZqMJr9Ok11p6ROVgzyo9Wnk/TFll0Sh/SIEGLMMsOyu/C2xhOcLT4Givcuq9OBkv1fmhH4fgwUKGuiJCyfBvNg2Nmfxm5ZD9uPSA0qOOIzZTB5AdoCUozma4xDOZyQfLzIWFIlBRjT4F0JpkyB8MtWj2iHwX0DoFMfsCXDM5yAdFkRkQ+AdTf+cpwe2+ywZ0e
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM8P194MB1514.EURP194.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(4636009)(366004)(6916009)(86362001)(6512007)(8936002)(66946007)(66556008)(66476007)(2616005)(2906002)(316002)(54906003)(33656002)(5660300002)(235185007)(6486002)(52116002)(26005)(966005)(508600001)(4326008)(33964004)(53546011)(6506007)(38100700002)(38350700002)(186003)(36756003)(8676002)(83380400001)(45980500001); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: VroxjcKPuXUolQZEflXoT6N1NKcN4vOpbB+COdCuH6ssOVrQb/PigAg0X0qasdCQHVEnFneacqz+2EUM6LzM7SXi8wVfejlMGU++8ZBbHYSwTbqR+wIUgwiAPQ75LdlkjG7ZstVycIt3VDR7F9oc6W5WD8A1o2U3aeB6ZOpyQ/d6gpNtqRu7Q41UE+fiAcw7r1qCJgK0zgxyG9Bp0w228lObntD2Hpf+SqauSvHjnnOK7ahSRcgS9yaIy7nvSwMSluNpDWDqQFmEX7QTNqEPOQowKI0V/vcyj9mUvvudbWGMMBriBxrYNi+DqXzJRm0A+FTmrHTcEa25i/roLUHQ0ls2fjrl+mOJ5daFlJiLvWKi389aZI95RTmqlwVA47DmupM6GI2qKzqdnOmfwUZaR5L1le6Cd7EyDOmfWUakTmehMC5eJXPdtx2fKBagWwE7HHgYnlwFcLqnJUocpU/eA2yoKZuJdev7fMRBYXmm3KyhT3YWGmbXHDe5K5Vi/nM6iLQpbNVGTbCZTwuwbOgWDP0zv8VrjtA3b0fOW1tC89u53rMRBHj1D11ukcbFN0Q3BetVCjj1HchXDe4vzcp+2B7DV6uZBHFNJpFVZG5PZFWtcGm8bY/tDyZ2Y8AdNIrvFVPDydnLwPvtqzhDKDJuJn37gD0grnJ3PBV6FjaY8sSxPamJSXCJaSoKBPOVsPyYR8y7t6arZu6Ry0jaHYJk93ScQc6eLHFdF68MvuQ3lDkp4XOpCNBcETElHt3/HVJM1n2fLevIInK4bFqpTyDgGIyf1hxxaHcJ6vIDnRpCJRquxukEXE+WUtn+4VlOFG5I0Ke0tWQbLnPOAuPbCD28wcsb/RUnVCk0pj5tBxnsk+qrCoj+J3FC0+hTwi9Nc5Op3wwkMAk42JI2+SeG4cpDqBylEGWGkishkTb4EYCac87F30chvCjDtvAJ+DTcfHjlq0Or8svwr+lLYBKJvrI8OteAc9Wi2jR9cNa8+qBQH48aWYBw0ej5iXEyFxKJEtg5/z/Q98v1Xebjbb6zRjZ4bNQaj6ci2eTNHTcWgub+y7iB7uxZPFpPnQ51V2cCARAHTWq689hNfsdGelj/HdGLUqHkO+tIAY0/v5q+73BR3GCQnLS5DDvpV1Q2maniOIEIGxxc9i+kJJ9uNDnnEpGkqD0JhVteXqyt7MlggWXu2d4o4d0pB3RRA245FV1hCzoMR3WAo2fKYdEu8IR4VoTWqxtnxe2EXZ6eAcIeCoerJC1Mb+CN35nSJMhX4gKNcsUuHBqAnpqMMgShbNq9mxMRDp/CbkWYJ0JSKTof8wQnEmd7xOIwkax0HPkV1bz5VazPKhH6OMOHSUDR7517gbqegsRdst8oz8e6GX5G398GB7DITI9IN0uLhr64ItTdpxmtwfUlJQUVTYMcFw1AyN9OwSamcWNVzWKIF00mtPGJjFUOPvYOMmXAlcjsygzZs1222rJyxNcLXWu2NPWXTVHRmw5qqjUj+l8t6xjpM5xyaur//KHKrlv68CeClKXmwEUgqF3HXH20qE+dJt2XNDXVIAapCpI3VyvPsq/0uJg0ydveeTHcIt//BxCn1l8OJQt2gmhv99B7xotwiDzvInV28EfvqnxQijOdMEUm78euni8=
X-OriginatorOrg: sidn.nl
X-MS-Exchange-CrossTenant-Network-Message-Id: 0365862a-1062-4da2-863d-08d9d72b8f07
X-MS-Exchange-CrossTenant-AuthSource: AM8P194MB1514.EURP194.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Jan 2022 07:00:33.3929 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: ab4d3626-c1c5-4a75-ab85-427f1a644a7d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: G/VTjS1YJI3+8vRHVFtcDeJjRVQdmbpTaahMSIXhHks36+d/6miiG+CgHQVbgJlSW2kNGm1j5i2cfdhT/oBxHQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0P194MB0402
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/wrjUyQPRWTXfhZ4oH7FHBth96SQ>
Subject: Re: [DNSOP] CDS/CDNSKEY Deployment
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Jan 2022 07:00:46 -0000

I’ve supervised an undergraduate student last year, who looked a bit into CDS Deployment [1].
Though he mostly analysed .ch data as well.

Moritz

[1] http://essay.utwente.nl/86832/1/van%20Beijnum_BA_EEMCS.pdf



> On 13 Jan 2022, at 14:14, Daniel Stirnimann <daniel.stirnimann@switch.ch> wrote:
> 
> I meant to say "For 2021 we processed".
> 
> Still need to get used to typing the new year :-)
> 
> Daniel
> 
> On 13.01.22 14:11, Daniel Stirnimann wrote:
>> Hi Eric,
>> 
>> Some statistics for .ch/.li which are some of the few TLDs supporting
>> CDS/CDNSKEY [1].
>> 
>> For 2020 we processed:
>> 
>> 189'206  BOOTSTRAP
>> 518      DELETE
>> 44'749   ROLLOVER
>> 
>> Slide 3 [2] contains some more historical numbers. Context about the
>> number of signed delegations in .ch [3].
>> 
>> Daniel
>> 
>> [1] https://github.com/oskar456/cds-updates/
>> [2] https://68.schedule.icann.org/meetings/EqJCzT5N6kcZhh2TT
>> [3] https://www.nic.ch/statistics/dnssec/
>> 
>> 
>> On 13.01.22 04:12, Eric Rescorla wrote:
>>> Hi folks
>>> 
>>> Does anyone have stats on the deployment of CDS and/or CDNSKEY? I see
>>> that Chung et al. report very low deployment in 2017, but maybe things
>>> have changed?
>>> 
> 
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop

v2.23.0 | Report a Bug | By Email