Re: [DNSOP] Second Working Group Last Call - draft-ietf-dnsop-nsec-aggressiveuse
Stephane Bortzmeyer <bortzmeyer@nic.fr> Wed, 21 December 2016 20:38 UTC
Return-Path: <bortzmeyer@nic.fr>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 226771298C3 for <dnsop@ietfa.amsl.com>; Wed, 21 Dec 2016 12:38:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f29M0IpdcV2u for <dnsop@ietfa.amsl.com>; Wed, 21 Dec 2016 12:38:09 -0800 (PST)
Received: from mail.bortzmeyer.org (aetius.bortzmeyer.org [IPv6:2001:4b98:dc0:41:216:3eff:fece:1902]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 73EF3129858 for <dnsop@ietf.org>; Wed, 21 Dec 2016 12:38:09 -0800 (PST)
Received: by mail.bortzmeyer.org (Postfix, from userid 10) id 9F42E31D8D; Wed, 21 Dec 2016 21:38:06 +0100 (CET)
Received: by mail.sources.org (Postfix, from userid 1000) id A875ECA03D; Wed, 21 Dec 2016 21:37:20 +0100 (CET)
Date: Wed, 21 Dec 2016 21:37:20 +0100
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: Warren Kumari <warren@kumari.net>
Message-ID: <20161221203720.GA26549@sources.org>
References: <CADyWQ+EJ0LO=pU-yUdEHwC3aP5KdXxsnD9kEvmmTeAoe0BxK3A@mail.gmail.com> <CAHw9_i+uwq9ofZ6hdG7Ngyz4s23F0XgiMSzazwFKw7DiTcEFDQ@mail.gmail.com> <20161220105915.xkrk5h57lqqfbsl2@nic.fr> <CAHw9_iL-VKTVCzXydJHsWtM+LN_sr2hR_NijhMfCCS7=RUNQaw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAHw9_iL-VKTVCzXydJHsWtM+LN_sr2hR_NijhMfCCS7=RUNQaw@mail.gmail.com>
X-Transport: UUCP rules
X-Operating-System: Debian GNU/Linux 8.6
X-Charlie: Je suis Charlie
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/x08IQlgF9ASYvXvobS7cfqb10TQ>
Cc: tjw ietf <tjw.ietf@gmail.com>, dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] Second Working Group Last Call - draft-ietf-dnsop-nsec-aggressiveuse
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Dec 2016 20:38:11 -0000
On Tue, Dec 20, 2016 at 07:38:08PM +0000, Warren Kumari <warren@kumari.net> wrote a message of 72 lines which said: > > * synthesis of NXDOMAIN from NSEC (obviously; that's the minimum) > > * synthesis of NXDOMAIN from NSEC3 (if no opt-out) > > * synthesis of NODATA from NSEC/NSEC3 > > * synthesis of positive answers from wilcards+NSEC > > * all of them? > The Google Public DNS code is constantly evolving - I'm discussing with the > team lead to see what answers I can provide to the above.... :-( > Is this a "nice to know", or do you think it needs to hold up the > WGLC? Can / should I just remove the section? To me, it is useful: the goal of this section (RFC 7942) is to inform people about whether the idea has been tested on the battlefield or not. Also, it may help address the remarks by JINMEI, Tatuya <https://mailarchive.ietf.org/arch/msg/dnsop/lCEW5hef9zmMjKSX4J-KlM3mStY> (about the fact that NODATA synthesis has not been really seriously studied). The fact that it mentioned Unbound for several iterations of the draft while Unbound actually does not implement the draft seems to indicate that IETF is not careful enough about "running code" :-(
- [DNSOP] Second Working Group Last Call - draft-ie… tjw ietf
- Re: [DNSOP] Second Working Group Last Call - draf… Warren Kumari
- Re: [DNSOP] Second Working Group Last Call - draf… Matthijs Mekking
- Re: [DNSOP] Second Working Group Last Call - draf… tjw ietf
- Re: [DNSOP] Second Working Group Last Call - draf… Stephane Bortzmeyer
- Re: [DNSOP] Second Working Group Last Call - draf… Bob Harold
- Re: [DNSOP] Second Working Group Last Call - draf… Warren Kumari
- Re: [DNSOP] Second Working Group Last Call - draf… Matthijs Mekking
- Re: [DNSOP] Second Working Group Last Call - draf… Stephane Bortzmeyer
- Re: [DNSOP] Second Working Group Last Call - draf… Ralph Dolmans
- Re: [DNSOP] Second Working Group Last Call - draf… Paul Wouters
- Re: [DNSOP] Second Working Group Last Call - draf… Stephane Bortzmeyer
- Re: [DNSOP] Second Working Group Last Call - draf… Paul Wouters
- Re: [DNSOP] Second Working Group Last Call - draf… Warren Kumari
- Re: [DNSOP] Second Working Group Last Call - draf… 神明達哉
- Re: [DNSOP] Second Working Group Last Call - draf… Stephane Bortzmeyer
- Re: [DNSOP] Second Working Group Last Call - draf… Stephane Bortzmeyer