IETF Logo Mail Archive

Re: [DNSOP] A new version of mixfr

Mark Andrews <marka@isc.org> Wed, 28 March 2018 20:28 UTC

Return-Path: <marka@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 44DE31200F1 for <dnsop@ietfa.amsl.com>; Wed, 28 Mar 2018 13:28:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.911
X-Spam-Level:
X-Spam-Status: No, score=-6.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gKe_jxkWU0hq for <dnsop@ietfa.amsl.com>; Wed, 28 Mar 2018 13:28:28 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [149.20.64.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04A4C126DFB for <dnsop@ietf.org>; Wed, 28 Mar 2018 13:28:27 -0700 (PDT)
Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.pao1.isc.org (Postfix) with ESMTPS id 2D1863AB1D4; Wed, 28 Mar 2018 20:28:26 +0000 (UTC)
Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTPS id F0678160079; Wed, 28 Mar 2018 20:28:25 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id B4E34160077; Wed, 28 Mar 2018 20:28:25 +0000 (UTC)
Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id bBYcYWzIWQL7; Wed, 28 Mar 2018 20:28:25 +0000 (UTC)
Received: from [172.30.42.89] (c27-253-115-14.carlnfd2.nsw.optusnet.com.au [27.253.115.14]) by zmx1.isc.org (Postfix) with ESMTPSA id 54806160053; Wed, 28 Mar 2018 20:28:25 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (1.0)
From: Mark Andrews <marka@isc.org>
X-Mailer: iPhone Mail (15D100)
In-Reply-To: <20180328150651.GQ62218@registro.br>
Date: Thu, 29 Mar 2018 07:28:22 +1100
Cc: Matthijs Mekking <matthijs@pletterpet.nl>, dnsop@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <39423F2A-5D0A-435C-85A7-46813D001198@isc.org>
References: <d7c4fc25-9d4b-d934-bad3-61e7b8364ca2@pletterpet.nl> <20180328150651.GQ62218@registro.br>
To: Frederico A C Neves <fneves@registro.br>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/z3mdmT-pIiNnssKzf4csydtMBBw>
Subject: Re: [DNSOP] A new version of mixfr
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Mar 2018 20:28:30 -0000

No. You can have multiple nsec3 chains in a zone at the same time. Only one is active.  Some may be incomplete. 
 
Named builds and destroys chains incrementally to avoid large changes. 

Timely ness of changes is more  important than volume of changes.

-- 
Mark Andrews

> On 29 Mar 2018, at 02:06, Frederico A C Neves <fneves@registro.br> wrote:
> 
> Hi Matthijs,
> 
>> On Wed, Mar 28, 2018 at 03:31:57PM +0200, Matthijs Mekking wrote:
>> All,
>> 
>> It's been a while, but I have put up a new version of the MIXFR draft:
>> 
>>     https://tools.ietf.org/html/draft-mekking-mixfr-02
>> 
>> The IETF 101 Hackathon lead to the revival of this draft.
>> 
>> Changes after the three year sleep:
>> 
>> - I removed the IXFR Gone Wild section. This document should focus in 
>> the in-band transfer improvements. I know there are others who like to 
>> see and work on a new DNS transfer protocol, but one does not exclude 
>> the other.
>> - Intended status: Standards track.
>> - Added a clarification from Bob Harold about class ANY (from 2015).
>> - Remove ambiguous "Delete All RRsets of a Type".
>> - Affiliation changes.
>> 
> 
> Thanks for bringing this back. I like the simplification with the
> removal of the wild section.
> 
> One comment,
> 
> [3.1] As section 3 states that MIXFR is DNSSEC aware we need text
> regarding NSEC3PARAM update as well.
> 
> For that I suggest to change 3.1 section name and include an extra
> paragraph.
> 
> 3.1 Implicit DNSSEC deletions
> 
> When an NSEC3PARAM is modified, the MIXFR client MUST also remove all
> existing NSEC3 records on the zone.
> 
> 
> One clarification question,
> 
> At 3.6, last paragraph, what is the practical case that a updated
> record has an RDLENGTH of zero bytes?
> 
>> Who would like to contribute, review, and all that great fun?
>> 
>> Github is here: https://github.com/matje/mixfr
>> 
>> Best regards,
>>   Matthijs
> 
> Fred
> 
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop

v2.23.0 | Report a Bug | By Email