Re: [DNSOP] nsec3-parameters opinions gathered

Miek Gieben <miek@miek.nl> Mon, 08 November 2021 08:00 UTC

Return-Path: <miek@miek.nl>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A462C3A09E3 for <dnsop@ietfa.amsl.com>; Mon, 8 Nov 2021 00:00:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=miek-nl.20210112.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 70e4bf9_GK3Q for <dnsop@ietfa.amsl.com>; Mon, 8 Nov 2021 00:00:33 -0800 (PST)
Received: from mail-ed1-x534.google.com (mail-ed1-x534.google.com [IPv6:2a00:1450:4864:20::534]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE41A3A0A22 for <dnsop@ietf.org>; Mon, 8 Nov 2021 00:00:32 -0800 (PST)
Received: by mail-ed1-x534.google.com with SMTP id x15so27650042edv.1 for <dnsop@ietf.org>; Mon, 08 Nov 2021 00:00:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=miek-nl.20210112.gappssmtp.com; s=20210112; h=date:from:to:cc:subject:message-id:mail-followup-to:references :mime-version:content-disposition:in-reply-to; bh=MUBh4+oi5yKvfa4RfFywF3bE+SlXgwOQ3qloG2X/0CA=; b=i/7ucbWkK8AwWHDnCDNPHCMkJ6WvMKGpiAxw6mkKUTxIUb+fnCzMwC5lzH4j+3PmYv v73M53pEmzbKUKoNNOLFYPIZLJYl9a7hvt94mkv6/fWNRBGzLmnH6xFe0d/97MYaI8q8 M/3BqtYh/PetT8ZQ1NhZwTGYtmW9gPTelXMQHguch91LasSd+v2SYEfnJYTw3gYGFZJj /L28ldNVbgTL4W9p7QkBKPL2dE3CTAet447JLHpD+r9fOFoGIRbYnHskipdDylJQ/0pM fagRk4KJrmUoy6IceYFUZaDVx6IV/iqhorHLPDCeqwmej7fHYMegIeJm9QDWwgu53do5 dHag==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id :mail-followup-to:references:mime-version:content-disposition :in-reply-to; bh=MUBh4+oi5yKvfa4RfFywF3bE+SlXgwOQ3qloG2X/0CA=; b=BxWXUhIUyOV5zUVWdd5zYPcGPbuLeUEYx9PxIK4QnR2bPzt5SzCdJoS2A2LwnWhd9N uV6jROnVyrdkUqOPzET4e3qY5nBeiTaIjNYgyArTze8mzBCoELR3MXZVL0bUkkIISsdm 6J/eU1dLnbQPeGtuCQvQBwiD6DE/98e3CwT84M9MzG6ABJl41GWpy7K5ulZPrIgFj916 FoehxY1L/mWQrJEGRsWsmGx39vRKvFcvHvmnm+DVZdhvN0OxW4ZWC1+nr024HWwF9+2E 2behu/9KLQ1CnY6YNkzErfBSoE30NP1X9j/ZuXvzZONZkg97ptupjRXcztdP5dsjlpbA dGzQ==
X-Gm-Message-State: AOAM530NtkKtInLt8e59TSBcMhzX1R5AF5EjWi+jrbsjIHB6k/WxSp05 pD0AawVRHvImMkqx8W1jyw+Jxiwamga7h69A
X-Google-Smtp-Source: ABdhPJzEq5hB5n8JEmgxJSixyXmDw6UoR6OZd8O5JNMiP2dSZUgkMse8007yq6GVErKbS2T9OKoLvQ==
X-Received: by 2002:a05:6402:4401:: with SMTP id y1mr65829110eda.225.1636358429429; Mon, 08 Nov 2021 00:00:29 -0800 (PST)
Received: from miek.nl (dhcp-077-251-206-012.chello.nl. [77.251.206.12]) by smtp.gmail.com with ESMTPSA id m3sm8891770eds.71.2021.11.08.00.00.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Nov 2021 00:00:29 -0800 (PST)
Date: Mon, 08 Nov 2021 09:00:26 +0100
From: Miek Gieben <miek@miek.nl>
To: Olafur Gudmundsson <ogud@ogud.com>
Cc: Benno Overeinder <benno@NLnetLabs.nl>, DNSOP Working Group <dnsop@ietf.org>, Wes Hardaker <wjhns1@hardakers.net>
Message-ID: <20211108080026.GA5135@miek.nl>
Mail-Followup-To: Olafur Gudmundsson <ogud@ogud.com>, Benno Overeinder <benno@NLnetLabs.nl>, DNSOP Working Group <dnsop@ietf.org>, Wes Hardaker <wjhns1@hardakers.net>
References: <ybl7ddnr16f.fsf@w7.hardakers.net> <206e17b4-a920-8e3e-586d-ecc29855fae3@nic.cz> <45a10ca4-93e1-3c9c-7434-83c387d5246e@NLnetLabs.nl> <E354E8D8-5584-4607-A98D-76869F5CC68B@ogud.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Disposition: inline
In-Reply-To: <E354E8D8-5584-4607-A98D-76869F5CC68B@ogud.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/zrM7UxfndenpoPC7SFIjIPtoLdY>
Subject: Re: [DNSOP] nsec3-parameters opinions gathered
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Nov 2021 08:00:49 -0000

[ Quoting <ogud@ogud.com> in "Re: [DNSOP] nsec3-parameters opinio..." ]
>The document should strongly discourage any use of NSEC3 <full stop>

I would very much see a sentence/paragraph stating this in the document as well.


/Miek

--
Miek Gieben