Re: [Gen-art] Genart last call review of draft-ietf-dprive-xfr-over-tls-09
Dan Romascanu <dromasca@gmail.com> Tue, 20 April 2021 09:36 UTC
Return-Path: <dromasca@gmail.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3ECF73A1A4A; Tue, 20 Apr 2021 02:36:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1P5aHmvQOE3o; Tue, 20 Apr 2021 02:36:17 -0700 (PDT)
Received: from mail-io1-xd35.google.com (mail-io1-xd35.google.com [IPv6:2607:f8b0:4864:20::d35]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 069963A1A49; Tue, 20 Apr 2021 02:36:16 -0700 (PDT)
Received: by mail-io1-xd35.google.com with SMTP id v123so30957242ioe.10; Tue, 20 Apr 2021 02:36:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=jGuq6W4emdj9knnEPCvPwtWfQ9sPNLav1rtaYfnMuF0=; b=KpmabR8jzKdWPi5czrWjQfyBtt/kynRcqbPf/X4d+DPelze6J40UnSwH7Rsj3bIgE6 V7jkO9Qs0OskihyqCbuas5KEqzWTRwkfh2eahCzHpYaERupGs+C668vl0iXXDDhQJz5S KMktfgYmhIql7f+GWOcQGnI2Q97X03FYMD5UIGC9lmw7NXl/pvLVfMW2G3Ld+aAUBwPv DpIFgbU78oXyfoRIghJvMm1PkmzeFTtHMfTr3PvBg6imZIQQRS1+fXLE+cXHFfiHlDSu FIVTr8qsZYkLuGys0ewu2BzCpwSGWBGoywDbE+fPiGXYIEAeOPDVb4lqbonujkx+KpZM /8lg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=jGuq6W4emdj9knnEPCvPwtWfQ9sPNLav1rtaYfnMuF0=; b=gwW1rnXjPJhJ3WQgJe2sxd6lS+vlgvfs/OPQh3Pf3u6qo8QZRxFN2z/IVoiwS6Zz2R jqGgOs2ws9iGn9NkV+bSgTVCIHFKrtot5ew6vOztGSfVs2hjksdV59uh31XcYlJujPBW 6FHnhU2Fxyp3rWgWWJMhKd9+kQBpKyOweG90w06vmGR97Rb39kw2RJjwur/PyeFhxxt1 zaD7tv5ezQa3tk3MEeMTFkfPMQODsekF2TIG7qbUvJF4yElyjlDXFeqjpO82zdFGAqr0 LXo8lzH1RDPHyulYyvFg/d4bzV7ioTtQw0Z1ee5poi9gI8l5vH3AsOYZ2y8IIF8UnRuO ffFQ==
X-Gm-Message-State: AOAM533CjWxnWIrKNax7OC+kxEaNe3fpB3fLNJZPtwwFNw6T09K/I5U+ VQrXs084cvmK0Yhe0sTHcyMm7rfkC0DkR5IkS2k=
X-Google-Smtp-Source: ABdhPJw0tANGbSFVLxZsimtRQiN2Q0/eIHVSql8ImT3GWCruDaenbImmuZj6wIesrRs9agikUDpaZV/QWYhJLhJdj+4=
X-Received: by 2002:a05:6638:a2c:: with SMTP id 12mr16536201jao.99.1618911375346; Tue, 20 Apr 2021 02:36:15 -0700 (PDT)
MIME-Version: 1.0
References: <161865263565.11494.11842811379172646764@ietfa.amsl.com> <79092CDB-33DC-472D-B597-1CA22E4D4342@sinodun.com>
In-Reply-To: <79092CDB-33DC-472D-B597-1CA22E4D4342@sinodun.com>
From: Dan Romascanu <dromasca@gmail.com>
Date: Tue, 20 Apr 2021 12:36:03 +0300
Message-ID: <CAFgnS4W0s-BJj3nhdM4Li7WdRRG4WdvxR_xbX3RB5=XFq-Tj_Q@mail.gmail.com>
To: Sara Dickinson <sara@sinodun.com>
Cc: General Area Review Team <gen-art@ietf.org>, DNS Privacy Working Group <dns-privacy@ietf.org>, draft-ietf-dprive-xfr-over-tls.all@ietf.org, Last Call <last-call@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000734f8c05c0642dbe"
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/vQK0G8aLUsRNJMpCaOE9OY1fdow>
Subject: Re: [Gen-art] Genart last call review of draft-ietf-dprive-xfr-over-tls-09
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Apr 2021 09:36:22 -0000
Hi Sara, Thank you for the response and for addressing the nit-comments in my review. All seems fine to me now from my end. Regards, Dan On Tue, Apr 20, 2021 at 11:51 AM Sara Dickinson <sara@sinodun.com> wrote: > > > On 17 Apr 2021, at 10:43, Dan Romascanu via Datatracker <noreply@ietf.org> > wrote: > > Reviewer: Dan Romascanu > Review result: Ready with Nits > > I am the assigned Gen-ART reviewer for this draft. The General Area > Review Team (Gen-ART) reviews all IETF documents being processed > by the IESG for the IETF Chair. Please treat these comments just > like any other last call comments. > > For more information, please see the FAQ at > > <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>. > > Document: draft-ietf-dprive-xfr-over-tls-09 > Reviewer: Dan Romascanu > Review Date: 2021-04-17 > IETF LC End Date: 2021-04-20 > IESG Telechat date: Not scheduled for a telechat > > Summary: > > Ready with nits. > > This document specifies XFR-over-TLS (XoT) i.e. the use of TLS, rather than > clear text, to prevent zone content collection via passive monitoring of > DNS > zone transfers. This is a very clear and well-written document. I had to do > further reading to understand some of the specified or referred concepts > and > mechanisms, but after doing it all aligned nicely. I especially appreciate > the > inclusion and level of detail of Section 7 which explains the updates to > the > existing specifications, including the RFCs updated by this document and > clarifies the issues of backwards compatibility. There are a few nits that > I > suggest to address before publication. > > > Hi Dan, > > Many thanks for the review. > > > Major issues: > > Minor issues: > > Nits/editorial comments: > > 1. In Section 3: > > XoT: Generic XFR-over-TLS mechanisms as specified in this document > > > What does 'Generic' mean here? Are there also non-generic / specific > mechanisms > similar to XoT that should be referenced? If not, consider dropping > ‘Generic' > > > It was intended to mean that the term applied to both IXFR and > AXFR-over-TLS… I propose updating the text to the following: > > “XoT: XFR-over-TLS mechanisms as specified in this document which apply to > both AXFR-over-TLS and IXFR-over-TLS" > > > 2. In Section 5 there are two Design Considerations labelled both > Performance. > Is this the intent? If yes, maybe they should be grouped together. If not > maybe > at least one of the name may be changed. > > > Good point - they are now grouped them together. > > > 3. Should not the fact that implementations MUST use TLS 1.3 or higher, > which > is specified in Section 8.1, be also mentioned in the Introduction? > > > Yes - the last paragraph is now update to add that. > > > 4. Section 9 uses in one instance the term 'multi-master'. Can an > alternative > term be considered, taking into account the work summarized in I-Ds such as > https://datatracker.ietf.org/doc/draft-knodel-terminology/? > > > Thanks for spotting this. I suggest simply removing that text as I think > term multi-primary in the title should be enough given our terminology > section. > > > 5. I assume that Section 20 - Changelog will be removed before publication > > > I’ve added text to request this, just to make sure. > > > I’ve published a -10 version the draft including these changes which I > hope addresses your issues? > > Regards > > Sara. > > > >
- [Gen-art] Genart last call review of draft-ietf-d… Dan Romascanu via Datatracker
- Re: [Gen-art] Genart last call review of draft-ie… Sara Dickinson
- Re: [Gen-art] Genart last call review of draft-ie… Dan Romascanu
- Re: [Gen-art] Genart last call review of draft-ie… Lars Eggert