Re: [DNSOP] [Ext] Questions / concerns with draft-ietf-dnsop-svcb-https (in RFC Editor queue)
Erik Nygren <erik+ietf@nygren.org> Thu, 08 September 2022 16:34 UTC
Return-Path: <nygren@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC79DC1522D8 for <dnsop@ietfa.amsl.com>; Thu, 8 Sep 2022 09:34:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.404
X-Spam-Level:
X-Spam-Status: No, score=-1.404 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.248, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wiU8VoRUJtt7 for <dnsop@ietfa.amsl.com>; Thu, 8 Sep 2022 09:34:37 -0700 (PDT)
Received: from mail-pj1-f43.google.com (mail-pj1-f43.google.com [209.85.216.43]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BAB53C152576 for <dnsop@ietf.org>; Thu, 8 Sep 2022 09:34:28 -0700 (PDT)
Received: by mail-pj1-f43.google.com with SMTP id j6-20020a17090a694600b00200bba67dadso3007463pjm.5 for <dnsop@ietf.org>; Thu, 08 Sep 2022 09:34:28 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date; bh=Pj462gbdw3niEyi2Yd6FxYOYWXKWN7bKW2JGUPPoXqo=; b=3gACi2dkoWNTyi9Jmq4JCUH22vaYX76GQCKacZcNQn8dfcgO0dhWDghjl4DlH1FY1A xvByjLiR6SMQgGTSI18Bq1fgMyiQq0XUJrT5n2x4gFxxL6cr/vwtp0mtzGXBgzTwYH8N gAZKQkFT8M74SCq6cLV98xsvg3aFanjglu/jaID9HoiLGcrQW8IAWW7I3tIqjCHxJO5O VA9Jp55EEAIlhSm0yGnrQDbNBbnFU6zrblPP/30tTvvAhIG2RTJRXX0j9NOpkUlL+S6R qNruy7dgzu1Zmmvjhxt9MP2+vMOOAk6c+FpeJos/HUW0Bmx77k2Fo60fMkJwc1g2TnRf eVkg==
X-Gm-Message-State: ACgBeo2FlFKhOoPgyIdjF3Q/Jo81WdyL/2WDQa6QkixRZiFI6Yezd6+E peHVsiwtJIpLmH5LtvQWEg9Jj7PFwsLs/UMu7EItD8nKg9g=
X-Google-Smtp-Source: AA6agR6j8cJeorYMqu3j7Wb0+qnXc3JMA6LUvEC173CgHRE68f0sQ1DT9SbYPoHbwIhvw/TZTBJQMf6aa7EkSMA6tl8=
X-Received: by 2002:a17:902:ec88:b0:175:d8f:44b with SMTP id x8-20020a170902ec8800b001750d8f044bmr9640526plg.84.1662654868070; Thu, 08 Sep 2022 09:34:28 -0700 (PDT)
MIME-Version: 1.0
References: <CAHw9_iJg7yTECPbPvSNxac21My4SqPjMjhYS4tFRWBzFmjkLjg@mail.gmail.com> <CAH1iCipoo2u2h8XtJp8iwrg-bonMC785RehC3bVzbMKaLv+Kpg@mail.gmail.com> <0203FD85-487D-4B64-88BF-818B5BE0BC70@apple.com> <CAHbrMsCZSkakKvnxTsqQ0JmywNAHwVC1DyN0aVJ72sH7fgy6pA@mail.gmail.com> <CAHw9_iLNSnwUyZomkQ49Czhk-evy1Z4LjL7CfVhP7EFvZpBh5A@mail.gmail.com> <Yxk1Iikv8XazQa7o@straasha.imrryr.org> <Yxk7ycs0274UMSSh@straasha.imrryr.org> <0A4F52A8-378F-4222-9E5A-041A82E97C79@icann.org> <CAH1iCiriUcqprYj+LJGoo40o-dRsYyGmOFU_6VWbTXBt8+xnJw@mail.gmail.com> <A222DD8A-517D-4D7C-AB8E-2EEB99FF1C7E@icann.org> <YxoLstfurrWgGZUs@straasha.imrryr.org> <11DAF42E-DFDA-49EA-A021-91A6979992E6@icann.org>
In-Reply-To: <11DAF42E-DFDA-49EA-A021-91A6979992E6@icann.org>
From: Erik Nygren <erik+ietf@nygren.org>
Date: Thu, 08 Sep 2022 12:34:16 -0400
Message-ID: <CAKC-DJhwHh1UTDOt20wA_1JDYjnpp0chV2fqii3rLhF_nUGzdA@mail.gmail.com>
To: Paul Hoffman <paul.hoffman@icann.org>
Cc: "dnsop@ietf.org WG" <dnsop@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000cba7c405e82d0041"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/yDUPUeCmb0n68XSLD9rQGKkQaQo>
Subject: Re: [DNSOP] [Ext] Questions / concerns with draft-ietf-dnsop-svcb-https (in RFC Editor queue)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Sep 2022 16:34:38 -0000
There seem to be two topics: 1) Victor's clarification makes sense, although the wording is a little awkward and perhaps we can improve that sentence. The section was already implying that meaning (ie, that the fallback addition of the QNAME was for the AliasMode case) but clarifying this in a more normative way seems worthwhile and not a technical change. I'd propose we refine this PR and incorporate it as the "clarifying sentence" that Warren was willing to accept. 2) There is the issue of whether attrleaf labels are valid owner names for A/AAAA records. This document does not seem like the place to land that, and it seems like it may be open for interpretation as different implementations may have interpreted it differently. If anything, we might add a non-normative sentence like: "Some implementations may not allow A or AAAA records on names starting with an underscore due to various interpretations of RFCs. This could be an operational issue when the TargetName contains an attrleaf label, as well as using an TargetName of "." when the owner name contains an attrleaf label." This wouldn't be a normative change but just an operational warning --- would this be acceptable to include at this stage? Further clarification of this seems worth a draft in its own right since the existing RFCs are inconsistent on this topic and there is room for multiple interpretations, as shown in some implementations. On Thu, Sep 8, 2022 at 12:05 PM Paul Hoffman <paul.hoffman@icann.org> wrote: > On Sep 8, 2022, at 8:35 AM, Viktor Dukhovni <ietf-dane@dukhovni.org> > wrote: > > This is a bug fix, the proposed behaviour makes no sense when $QNAME > > is the unaltered (attrleaf prefixed) starting point. The current > > meaning was not intended. If the edit can be made without any > > major process, just a note to the RFC editor, it'll save errata, > > and possible confusion later. > > A technical change made after the IESG review requires, at a minimum, > another IESG review. The IESG could ask for another IETF review, if they > want. It's up to Warren, the responsible AD, to decide if that's "major > process". > > --Paul Hoffman > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop >
- [DNSOP] Questions / concerns with draft-ietf-dnso… Warren Kumari
- Re: [DNSOP] [Ext] Questions / concerns with draft… Paul Hoffman
- Re: [DNSOP] [Ext] Questions / concerns with draft… Warren Kumari
- Re: [DNSOP] Questions / concerns with draft-ietf-… Brian Dickson
- Re: [DNSOP] Questions / concerns with draft-ietf-… Stephen Farrell
- Re: [DNSOP] Questions / concerns with draft-ietf-… Martin Thomson
- Re: [DNSOP] Questions / concerns with draft-ietf-… Stephen Farrell
- Re: [DNSOP] Questions / concerns with draft-ietf-… Viktor Dukhovni
- Re: [DNSOP] Questions / concerns with draft-ietf-… Eric Orth
- Re: [DNSOP] Questions / concerns with draft-ietf-… Viktor Dukhovni
- Re: [DNSOP] Questions / concerns with draft-ietf-… Brian Dickson
- Re: [DNSOP] [Ext] Questions / concerns with draft… Paul Hoffman
- Re: [DNSOP] [Ext] Questions / concerns with draft… Brian Dickson
- Re: [DNSOP] [Ext] Questions / concerns with draft… Eric Orth
- Re: [DNSOP] [Ext] Questions / concerns with draft… Paul Hoffman
- Re: [DNSOP] [Ext] Questions / concerns with draft… Brian Dickson
- Re: [DNSOP] [Ext] Questions / concerns with draft… Ben Schwartz
- Re: [DNSOP] [Ext] Questions / concerns with draft… Viktor Dukhovni
- Re: [DNSOP] [Ext] Questions / concerns with draft… Ben Schwartz
- Re: [DNSOP] [Ext] Questions / concerns with draft… Viktor Dukhovni
- Re: [DNSOP] [Ext] Questions / concerns with draft… Tommy Pauly
- Re: [DNSOP] [Ext] Questions / concerns with draft… Brian Dickson
- Re: [DNSOP] [Ext] Questions / concerns with draft… Brian Dickson
- Re: [DNSOP] [Ext] Questions / concerns with draft… Brian Dickson
- Re: [DNSOP] [Ext] Questions / concerns with draft… Brian Dickson
- Re: [DNSOP] [Ext] Questions / concerns with draft… Brian Dickson
- Re: [DNSOP] [Ext] Questions / concerns with draft… Brian Dickson
- Re: [DNSOP] [Ext] Questions / concerns with draft… Ben Schwartz
- Re: [DNSOP] [Ext] Questions / concerns with draft… Erik Nygren
- Re: [DNSOP] [Ext] Questions / concerns with draft… Viktor Dukhovni
- Re: [DNSOP] [Ext] Questions / concerns with draft… Warren Kumari
- Re: [DNSOP] [Ext] Questions / concerns with draft… Viktor Dukhovni
- Re: [DNSOP] [Ext] Questions / concerns with draft… Brian Dickson
- Re: [DNSOP] [Ext] Questions / concerns with draft… Brian Dickson
- [DNSOP] HSTS on receiving a signed HTTPS record (… Martin Thomson
- Re: [DNSOP] [Ext] Questions / concerns with draft… Warren Kumari
- Re: [DNSOP] Questions / concerns with draft-ietf-… Viktor Dukhovni
- Re: [DNSOP] [Ext] Questions / concerns with draft… Paul Hoffman
- Re: [DNSOP] HSTS on receiving a signed HTTPS reco… Eric Orth
- Re: [DNSOP] HSTS on receiving a signed HTTPS reco… Brian Dickson
- Re: [DNSOP] HSTS on receiving a signed HTTPS reco… Eric Orth
- Re: [DNSOP] [Ext] Questions / concerns with draft… Tommy Pauly
- Re: [DNSOP] HSTS on receiving a signed HTTPS reco… Ben Schwartz
- Re: [DNSOP] [Ext] Questions / concerns with draft… Ben Schwartz
- Re: [DNSOP] [Ext] Questions / concerns with draft… Warren Kumari
- Re: [DNSOP] [Ext] Questions / concerns with draft… Viktor Dukhovni
- Re: [DNSOP] [Ext] Questions / concerns with draft… Viktor Dukhovni
- Re: [DNSOP] [Ext] Questions / concerns with draft… Paul Hoffman
- Re: [DNSOP] [Ext] Questions / concerns with draft… Brian Dickson
- Re: [DNSOP] [Ext] Questions / concerns with draft… Martin Thomson
- Re: [DNSOP] [Ext] Questions / concerns with draft… Brian Dickson
- Re: [DNSOP] [Ext] Questions / concerns with draft… Viktor Dukhovni
- Re: [DNSOP] [Ext] Questions / concerns with draft… Paul Hoffman
- Re: [DNSOP] [Ext] Questions / concerns with draft… Viktor Dukhovni
- Re: [DNSOP] [Ext] Questions / concerns with draft… Paul Hoffman
- Re: [DNSOP] [Ext] Questions / concerns with draft… Erik Nygren
- Re: [DNSOP] [Ext] Questions / concerns with draft… Warren Kumari
- Re: [DNSOP] [Ext] Questions / concerns with draft… Erik Nygren
- Re: [DNSOP] [Ext] Questions / concerns with draft… Erik Nygren