Re: [DNSOP] Call for Adoption: Compact Denial of Existence in DNSSEC
John Levine <johnl@taugh.com> Mon, 17 April 2023 01:30 UTC
Date: Sun, 16 Apr 2023 21:29:57 -0400
Message-Id: <20230417012957.D4B67BF39C24@ary.qy>
From: John Levine <johnl@taugh.com>
To: dnsop@ietf.org
Cc: tjw.ietf@gmail.com
In-Reply-To: <CADyWQ+FBpaKY+7HcfLw1++A0PPBAGH+BFCwFQeujPZAfSm4UyA@mail.gmail.com>
Organization: Taughannock Networks
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/zFngXAK7wSSlbEQvselUqNbPXSg>

It appears that Tim Wicinski <tjw.ietf@gmail.com> said:
>Happy Monday (UTC) All,
>
>The chairs heard some strong support to adopt and work on this.
>
>This starts a Call for Adoption for draft-huque-dnsop-compact-lies
>
>The authors did do some updates in the draft around the "lies" moniker.
>Once adopted perhaps someone can suggest a better draft name.
>
>The draft is available here:
>https://datatracker.ietf.org/doc/draft-huque-dnsop-compact-lies/
>
>Please review this draft to see if you think it is suitable for adoption
>by DNSOP, and send any comments to the list, clearly stating your view.

I think we should adopt it but I am quite unhappy that in its current
form, there is no way for clients to tell when a server is using this
hack, and it silently turns NXDOMAIN into NODATA for existing clients
that haven't added code to look for NXNAME.

I would be OK with an EDNS0 "tell me lies" flag from the client. It
would only affect NXDOMAIN responses, which could use the NXNAME hack
if the flag is set, otherwise the server has to return a real NXDOMAIN.

R's,
John
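
The client-side check the message refers to, as an added example that is not part of the original message or of the draft: a resolver decodes the NSEC type bitmap of a signed NOERROR answer and treats the name as nonexistent only if NXNAME is present. The NXNAME type code 128 is the later IANA assignment and does not appear in the message; the function names and sample bitmaps are constructed for illustration.

```python
NSEC, RRSIG, NXNAME = 47, 46, 128  # 128: IANA value for NXNAME, not stated in the message

def encode_bitmap(types):
    """Build an NSEC type bitmap (RFC 4034 section 4.1.2) from type codes."""
    windows = {}
    for t in types:
        block = windows.setdefault(t >> 8, bytearray(32))
        block[(t & 0xFF) >> 3] |= 0x80 >> (t & 7)
    out = b""
    for win in sorted(windows):
        data = bytes(windows[win]).rstrip(b"\x00")  # drop trailing empty octets
        out += bytes([win, len(data)]) + data
    return out

def decode_bitmap(wire):
    """Return the set of type codes in a bitmap; reject malformed window blocks."""
    types, pos, last = set(), 0, -1
    while pos < len(wire):
        if pos + 2 > len(wire):
            raise ValueError("truncated window header")
        win, length = wire[pos], wire[pos + 1]
        if not 1 <= length <= 32 or win <= last or pos + 2 + length > len(wire):
            raise ValueError("malformed window block")
        for i, octet in enumerate(wire[pos + 2:pos + 2 + length]):
            for bit in range(8):
                if octet & (0x80 >> bit):
                    types.add(win * 256 + i * 8 + bit)
        pos, last = pos + 2 + length, win
    return types

def classify(rcode, nsec_bitmap, aware=True):
    """How a client reads an answer with no data for the queried type.

    aware=False models an existing client that has no NXNAME handling.
    """
    if rcode == 3:
        return "NXDOMAIN"
    if aware and NXNAME in decode_bitmap(nsec_bitmap):
        return "NXDOMAIN"  # compact denial: NOERROR on the wire, name absent
    return "NODATA"

# Constructed sample bitmaps for the NSEC record returned at the queried name
COMPACT_NXDOMAIN = encode_bitmap([RRSIG, NSEC, NXNAME])
REAL_NODATA = encode_bitmap([1, RRSIG, NSEC])  # name exists with an A record
```

With `aware=False` the compact answer classifies as NODATA, which is the silent change for unmodified clients that the message objects to.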