Re: [Gen-art] Genart last call review of draft-ietf-dnsop-7706bis-07

Alissa Cooper <alissa@cooperw.in> Thu, 12 March 2020 01:28 UTC

From: Alissa Cooper <alissa@cooperw.in>
Message-Id: <5A333387-7C92-4FD2-9909-0E697C21E61B@cooperw.in>
Date: Wed, 11 Mar 2020 21:28:37 -0400
In-Reply-To: <CAP+sJUcZUsRkYkErQUzY0S31ZLqWeu18KUcCTjV-BqbD2w-78w@mail.gmail.com>
Cc: Warren Kumari <warren@kumari.net>, last-call@ietf.org, General Area Review Team <gen-art@ietf.org>, draft-ietf-dnsop-7706bis.all@ietf.org, dnsop <dnsop@ietf.org>
To: Ines Robles <mariainesrobles=40googlemail.com@dmarc.ietf.org>
References: <158289497136.22402.1744188467383478436@ietfa.amsl.com> <CAHw9_iKcSiVWdkGr_RYq=OfXuRb=x7aMTFiVi4gG_Sx1oqp5Mw@mail.gmail.com> <CAP+sJUcZUsRkYkErQUzY0S31ZLqWeu18KUcCTjV-BqbD2w-78w@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/XF_KcGp_fYAWgx15gMoKhWv9OrI>
Subject: Re: [Gen-art] Genart last call review of draft-ietf-dnsop-7706bis-07

Ines, thanks for your review. All, thanks for your responses. I entered a No Objection ballot.

Alissa


> On Mar 2, 2020, at 8:18 AM, Ines Robles <mariainesrobles=40googlemail.com@dmarc.ietf.org> wrote:
> 
> Hi Warren,
> 
> Thank you very much for your reply,
> 
> Best wishes,
> 
> Ines..
> 
> On Fri, Feb 28, 2020 at 8:18 PM Warren Kumari <warren@kumari.net> wrote:
> On Fri, Feb 28, 2020 at 8:02 AM Ines Robles via Datatracker
> <noreply@ietf.org> wrote:
> >
> > Reviewer: Ines Robles
> > Review result: Ready with Nits
> >
> > I am the assigned Gen-ART reviewer for this draft. The General Area
> > Review Team (Gen-ART) reviews all IETF documents being processed
> > by the IESG for the IETF Chair.  Please treat these comments just
> > like any other last call comments.
> >
> > For more information, please see the FAQ at
> >
> > <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.
> >
> > Document: draft-ietf-dnsop-7706bis-07
> > Reviewer: Ines Robles
> > Review Date: 2020-02-28
> > IETF LC End Date: 2020-02-28
> > IESG Telechat date: Not scheduled for a telechat
> >
> > Summary:
> >
> > The document is well written,  it supplies appendixes with examples.
> >
> > This document describes a method for the operator of a recursive resolver to
> > have a complete root zone locally, and to hide queries for the root zone from
> > outsiders, at the cost of adding some operational fragility for the operator.
> >
> > I have some minor questions.
> >
> > Major issues: None
> >
> > Minor issues: None.
> >
> > Nits/editorial comments:
> >
> 
> Thank you for the review!
> 
> > 1- Appendix B.5: it seems that the link is not valid: <https://knot-
> >    resolver.readthedocs.io/en/stable/modules.html#root-on-loopback-rfc-
> >    7706>
> >
> >   This link worked for me:
> >   https://knot-resolver.readthedocs.io/en/stable/modules-rfc7706.html.
> 
> Thanks - not just for pointing out the issue, but also finding a
> better version - as suggested, I am changing this (in a git branch
> where I am collecting updates) to
> https://knot-resolver.readthedocs.io/en/v5.0.1/modules-rfc7706.html -
> I believe that stability is the most important attribute. AD, please
> let us know if you disagree.
> 
> >
> > Questions:
> >
> > 1- It seems that this document replaces RFC7706, but the document states that
> > it updates RFC7706, is that correct?
> 
> Oh, good point - once this is published, it does replace 7706 (it is a
> bis, and contains all of the content from 7706), so Obsoletes is
> better.
> Thank you, changed.
> 
> >
> > 2- Abstract: "The cost of adding some operational fragility for the operator",
> > Does it introduce security considerations that have to be mentioned?
> >
> > 3- Section 1: "Research shows that the vast majority of queries going to the
> > root are for names that do not exist in the
> >    root zone." - Do you have some references to that research that can be added
> >    to the draft?
> 
> Hmmmm... I think that we missed this because, within the DNS community
> this is sufficiently well known that we don't even think about /
> question it.
> There is quite a lot of research on this, but much of it is behind
> paywalls - while almost 20 years old now (Gods, I feel old!), I think
> that the best one to cite is still:
> https://www.caida.org/publications/papers/2001/DNSMeasRoot/dmr.pdf
> (DNS Measurements at a Root Server) -- I will add this.
> 
> >
> > 4- I would expand KSK to Key signing key (KSK).
> 
> Thanks! Done!
> 
> >
> > 5- Should this draft add a reference to rfc8499?
> 
> Seems like a good idea, thanks! I'm adding:
> "Readers are expected to be familiar with <xref target="RFC8499"/>."
> 
> >
> > Thank you for this document,
> 
> .... and thank you for the review.
> 
> W
> 
> >
> > Ines.
> >
> >
> 
> 
> -- 
> I don't think the execution is relevant when it was obviously a bad
> idea in the first place.
> This is like putting rabid weasels in your pants, and later expressing
> regret at having chosen those particular rabid weasels and that pair
> of pants.
>    ---maf