IETF Logo Mail Archive

[DNSOP] draft-fujiwara-dnsop-delegation-information-signer

fujiwara@jprs.co.jp Wed, 04 November 2020 04:31 UTC

Return-Path: <fujiwara@jprs.co.jp>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3A253A13DA for <dnsop@ietfa.amsl.com>; Tue, 3 Nov 2020 20:31:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0GpWgqfdRLBe for <dnsop@ietfa.amsl.com>; Tue, 3 Nov 2020 20:31:41 -0800 (PST)
Received: from off-send01.osa.jprs.co.jp (off-send01.osa.jprs.co.jp [IPv6:2001:218:3001:17::10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 333F93A13D5 for <dnsop@ietf.org>; Tue, 3 Nov 2020 20:31:40 -0800 (PST)
Received: from off-sendsmg31.osa.jprs.co.jp (off-sendsmg31.osa.jprs.co.jp [172.23.8.161]) by off-send01.osa.jprs.co.jp (8.14.4/8.14.4) with ESMTP id 0A44Vd0v009043 for <dnsop@ietf.org>; Wed, 4 Nov 2020 13:31:39 +0900
Received: from off-sendsmg31.osa.jprs.co.jp (localhost [127.0.0.1]) by postfix.imss91 (Postfix) with ESMTP id 11F8C6024084 for <dnsop@ietf.org>; Wed, 4 Nov 2020 13:31:38 +0900 (JST)
Received: from localhost (off-cpu08.osa.jprs.co.jp [172.23.4.18]) by off-sendsmg31.osa.jprs.co.jp (Postfix) with ESMTP id F1782602407E for <dnsop@ietf.org>; Wed, 4 Nov 2020 13:31:37 +0900 (JST)
Date: Wed, 04 Nov 2020 13:31:37 +0900
Message-Id: <20201104.133137.359450294432060529.fujiwara@jprs.co.jp>
To: dnsop@ietf.org
From: fujiwara@jprs.co.jp
X-Mailer: Mew version 6.8 on Emacs 24.5
Mime-Version: 1.0
Content-Type: Text/Plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-TM-AS-GCONF: 00
X-TM-AS-Product-Ver: IMSS-9.1.0.1231-8.6.0.1013-25766.004
X-TM-AS-Result: No--4.543-5.0-31-10
X-imss-scan-details: No--4.543-5.0-31-10
X-TMASE-Version: IMSS-9.1.0.1231-8.6.1013-25766.004
X-TMASE-Result: 10--4.543000-10.000000
X-TMASE-MatchedRID: RowX92bJu8RCXIGdsOwlUh5+URxv1WlBBtG6netTkaUG2HMvWEJennGC PAh3PmLX8JDf06DACvOruIOl4LurGLfBrkBZSdWArKAvSPiudyH4qCLIu0mtIDyC5ddG2JcgPCC 7nOxCdYrbpsq+MnNpYwYh55c2TdgGWgPLgW6clTUsYOarN8c4H34JYJwdJw4Tu7VJ/3iujin0ix uMZzTrwS5OHWxEkZPd02fYHuo35N6XBXaJoB9JZzl/1fD/GopdyJ1gFgOMhOnrpxhAaj4pfqRJi L+iL2tOC24oEZ6SpSmcfuxsiY4QFH1GDfB5VqzimdbzJMkbC1cMW51uRXrkn/y3S0ETdMjAAElh tWDJl2a7dr4XQDLLTDDbXXNhf+j3g8RGBmOSqjHy+adHPNXclMUPIui1kiiMomDSBjYsAHCEY0E n2JI6nUctviHZbfNAlExlQIQeRG0=
X-TMASE-SNAP-Result: 1.821001.0001-0-1-12:0,22:0,33:0,34:0-0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/y3LjcVWhnOvWGL0hD5BL9Z3Qz2w>
Subject: [DNSOP] draft-fujiwara-dnsop-delegation-information-signer
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Nov 2020 04:31:43 -0000

I submitted draft-fujiwara-dnsop-delegation-information-signer-00.

Name:		draft-fujiwara-dnsop-delegation-information-signer
Revision:	00
Title:		Delegation Information (Referrals) Signer for DNSSEC
Document date:	2020-11-03
Group:		Individual Submission
Pages:		6
URL:            https://www.ietf.org/archive/id/draft-fujiwara-dnsop-delegation-information-signer-00.txt

DNSSEC does not have a function to validate delegation information.
I think it is a large missing peace of DNSSEC.

I have a question why we did not include signature validation function
to delegation information ?

Probably, because it is non-authoritative information.
Or, because it was difficult to define the necessary and sufficient
delegation information.

It is now widely agreed (although not explicitly documented) that the
delegation information is the information used for name resolution and
does not result in name resolution.

We have a word "in-domain" glue which is the necessary and sufficient glue.

And the idea may offer the signature for root priming data.

If someone interested the document, I would like time slot at dnsop WG
meeting.

Regards,

--
Kazunori Fujiwara, JPRS <fujiwara@jprs.co.jp>

v2.23.0 | Report a Bug | By Email