Re: [Gen-art] Genart last call review of draft-ietf-homenet-dot-12
Ted Lemon <mellon@fugue.com> Tue, 29 August 2017 23:25 UTC
Return-Path: <mellon@fugue.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E90EE132C41 for <gen-art@ietfa.amsl.com>; Tue, 29 Aug 2017 16:25:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iOqWplTzV8Om for <gen-art@ietfa.amsl.com>; Tue, 29 Aug 2017 16:25:47 -0700 (PDT)
Received: from mail-qk0-x22d.google.com (mail-qk0-x22d.google.com [IPv6:2607:f8b0:400d:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E407132B9B for <gen-art@ietf.org>; Tue, 29 Aug 2017 16:25:47 -0700 (PDT)
Received: by mail-qk0-x22d.google.com with SMTP id p67so21781037qkd.2 for <gen-art@ietf.org>; Tue, 29 Aug 2017 16:25:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=GB2cTi96LQ3rKjrtascfxo3KrpxcqHIkgf/o0kBN898=; b=CoDp4DNb62+z4mU2W1QDdmo+CNjAtLbemfR41CUh+nZ+Zb8cx7JGc2YBfStFuGDdfx iIrAhBvq319R6vIkMeUa0UGVNv4FuktAHLQ3PrY2+1fBuhHqSyltKw44SWhPoPiDAhmj nomKuJZINCCPCZhQaOro6OO/mrv9m4Qx2rI5clZk8/1ouD3qn++OrettBkPmcObK6Vi9 GgUmFsQ8b0Qtwtb5DOg0d67oI25CNdTOLwOpKC7r18SdyEvGzVhHhGDLrVmhd4D2dMpr W3I0Hane4eyMHVy34DVfgew4Nn0ddQaw2I8mnqAPr4vl6rtaphTbqTESzLLc+q4BXp4r TyeQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=GB2cTi96LQ3rKjrtascfxo3KrpxcqHIkgf/o0kBN898=; b=FklIIwkQQLgW9RuT1DbWpwgNlx50O0WlCxsTZwTPY+Z1caUBVDMBm61WW4AuRqx7jE n9UUty3OPbFfkDdbfDrx79mm43Ne/v1vVpj5ydG+aXNeyvoPxDJYxQlXrHIQ9b+yfxqA vGA7UCznXGWW8mpBnbW59JuYnMXneMz0cPF6Nt0FWG9m3pqERVoNf/pqA16vv8mbybJ2 fqJ3BioEnYYQKIwKp/qCUGJbpZPC8tfkHKwF4ufN1MNwHw37r0OTdTJ2l+YWn5BVFErJ LLjeV80E43jwEyp/h3PAc1sPlGjeNl/j1W2MxI53Sy3X9RdKzRfPOAgbi2REHffSCsym N/Hg==
X-Gm-Message-State: AHYfb5gHjxxtROvgBdUfXXgG9/4s97G0F3JDIEJmaXJUES5VHj+Ws4lF 7mxJm0u8/ARlZ/dP
X-Received: by 10.55.73.212 with SMTP id w203mr8479724qka.115.1504049146485; Tue, 29 Aug 2017 16:25:46 -0700 (PDT)
Received: from cavall.ether.lede.home (c-24-60-163-103.hsd1.nh.comcast.net. [24.60.163.103]) by smtp.gmail.com with ESMTPSA id v11sm2733678qti.87.2017.08.29.16.25.44 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 29 Aug 2017 16:25:45 -0700 (PDT)
From: Ted Lemon <mellon@fugue.com>
Message-Id: <4B072264-2824-4433-A24D-DF5D2FD5A085@fugue.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_9B9FF9B6-762E-4B34-8BD4-C45CE1938AFD"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Tue, 29 Aug 2017 19:25:44 -0400
In-Reply-To: <150357360963.24287.5193275103043411365@ietfa.amsl.com>
Cc: General area reviewing team <gen-art@ietf.org>, draft-ietf-homenet-dot.all@ietf.org, HOMENET <homenet@ietf.org>
To: Dale Worley <worley@ariadne.com>
References: <150357360963.24287.5193275103043411365@ietfa.amsl.com>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/QAy5SUisOa4emJjikudM_Ymfyjw>
Subject: Re: [Gen-art] Genart last call review of draft-ietf-homenet-dot-12
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Aug 2017 23:25:50 -0000
El Aug 24, 2017, a les 7:20 AM, Dale Worley <worley@ariadne.com> va escriure: > 4. Domain Name Reservation Considerations > > 3. Name resolution APIs MUST send queries for such > names to a recursive DNS server that is configured to be > authoritative for the 'home.arpa.' zone appropriate to the > homenet. > > If I understand the terminology correctly, this rules out sending the > query to a DNS server that recursively sends the query to a server > that is authoritative for home.arpa. If that is intended and there > are technical reasons for making this prescription, that's OK, but I > want to check that that is intended, as this rule is stricter than the > similar rule in the second paragraph of item 4, which is qualified > "Unless configured otherwise". Wow. The text here is just flat wrong: recursive name servers aren't authoritative. You can of course combine them, but this text doesn't agree with some other text later in the document. What the text is supposed to be saying is that the stub resolver has to use the recursive resolver that was provided by the network; if it uses a manually configured resolver, it may get the wrong answer. I will have to rework this text—thanks so much for calling this to my attention, even though what you noticed isn't exactly what's wrong! :) As for the discrepancy itself, the reason for this is that recursive resolvers are supposed to stop home.arpa queries leaking to the root, whereas stub resolvers can (must!) fob that responsibility off on the recursive resolver. If they are configured to send these queries to, e.g., 8.8.8.8, we just have to hope that google doesn't forward them to the root (as would be consistent with the text in item 4). > There are 5 paragraphs under item 4. It might be worth giving them > separate numbers, or if they truly form a unified topic, giving them > sub-numbers 4a, 4b, etc. I've updated the document to separate this out into three lettered subheads. We can't change the numbering, because that's required by RFC 6761, but I agree that it's clearer if the three separate topics are split out. > In context what this means is clear, but its literal meaning is > sufficiently incorrect that I think it could be clarified, perhaps to > > Therefore, the only delegation that will allow names under > 'home.arpa.' to be resolved by a validating resolver that is not > aware of the local meaning is an insecure delegation, as in > [RFC6303] section 7. I like the new text, and have copied it into the document. Thanks!
- [Gen-art] Genart last call review of draft-ietf-h… Dale Worley
- Re: [Gen-art] Genart last call review of draft-ie… Ted Lemon
- Re: [Gen-art] [homenet] Genart last call review o… Mark Andrews
- Re: [Gen-art] Genart last call review of draft-ie… Dale R. Worley
- Re: [Gen-art] Genart last call review of draft-ie… Ted Lemon