Re: [eppext] Working Group Last Call for draft-ietf-eppext-keyrelay

Antoin Verschuren <ietf@antoin.nl> Thu, 23 July 2015 15:01 UTC

I have a minor comment, which I have already sent to the authors directly.

In the definition of the expiry element, it suggests a negative relative expiry or a date in the past for an absolute expiry in case a relayed key needs to be revoked.
Since I think it’s impossible for the receiving dns-operator to revoke a key in the past, an absolute expiry of the current date and a relative expiry of zero are better values to be interpreted to revoke an already relayed key immediately.

This may show up in a next version of the draft, so everyone knows where this change originates from.

There is an informative reference in the document to draft-koch-dnsop-dnssec-operator-change that has expired.
Unlike a normative reference, the AD has informed us that this is not an issue.
I’d like to inform you though, that since we seem to have consensus and implementation intentions on this draft, the authors of draft-koch-dnsop-dnssec-operator-change intend to revive that document so it may become an informational RFC.

--
Antoin Verschuren

Tweevoren 6, 5672 SB Nuenen, NL
M: +31 6 37682392
xmpp:antoinverschuren@gmail.com

On 23 Jul 2015, at 16:04, James Galvin <galvin@elistx.com> wrote:

> This is the start of the WGLC for "Key Relay Mapping for the Extensible Provisioning Protocol".
> 
> My co-chair Antoin is one of the authors of this document; he has recused himself from managing the progression of this document through the IETF process.
> 
> There has been extensive discussion on the mailing list, I believe all issues and concerns have been resolved, and the document is ready for WGLC.
> 
> The current version of this document can be found here:
> 
>    https://datatracker.ietf.org/doc/draft-ietf-eppext-keyrelay-04/
> 
> We will have a 1 week last call period closing on Friday, 31 July 2015.
> 
> The document shepherd for this document will be Ulrich Wisser.
> 
> Jim
> 