Re: [DNSOP] Fwd: New Version Notification for draft-sahib-domain-verification-techniques-02.txt

Tim Wicinski <tjw.ietf@gmail.com> Tue, 15 June 2021 16:46 UTC

To: Shumon Huque <shuque@gmail.com>
Cc: Shivan Kaul Sahib <shivankaulsahib@gmail.com>, "dnsop@ietf.org WG" <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/x_T-G57MagiCtA1vq_NS2m-1Y4w>

On Tue, Jun 15, 2021 at 12:38 PM Shumon Huque <shuque@gmail.com> wrote:

> On Tue, Jun 15, 2021 at 12:28 PM Shivan Kaul Sahib <
> shivankaulsahib@gmail.com> wrote:
>
>> Hi Stephane!
>>
>>>
>>> Section 4.1: you do not mention a recommended name for the
>>> subdomain. Should we suggest a name starting with an underscore, to
>>> limit the risk of collisions and to emphasize it is not a host name?
>>> (On the other hand, some users may have a limited DNS provisioning
>>> interface, which enforces an LDH restriction.)
>>>
>>
>> This draft is intended to be a survey of existing techniques and broad
>> recommendations that can be derived from the survey (hence we only discuss
>> the value of targeted domain verification). Our thought was that we should
>> leave concrete best practices for a later draft.
>>
>
> Shivan: a survey is the initial goal. But my thinking was: assuming there
> is interest in the draft first (which there appears to be), we could work
> on recommendations in a later iteration of this draft (and not a new one,
> although I could be persuaded).
>
> Yes, Stephane, we were envisioning recommending an underscore label. Of
> course, that leads to how to avoid collisions in that space, and whether we
> need to establish a registry of application service names.
>

You mean, a different registry than this one
https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#underscored-globally-scoped-dns-node-names

tim