Re: [homenet] Genart last call review of draft-ietf-homenet-dot-12
Ted Lemon <mellon@fugue.com> Tue, 29 August 2017 23:25 UTC
Return-Path: <mellon@fugue.com>
X-Original-To: homenet@ietfa.amsl.com
Delivered-To: homenet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12733132A9B for <homenet@ietfa.amsl.com>; Tue, 29 Aug 2017 16:25:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8s9ovqydEkkI for <homenet@ietfa.amsl.com>; Tue, 29 Aug 2017 16:25:51 -0700 (PDT)
Received: from mail-qk0-x233.google.com (mail-qk0-x233.google.com [IPv6:2607:f8b0:400d:c09::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7E2E2132A94 for <homenet@ietf.org>; Tue, 29 Aug 2017 16:25:47 -0700 (PDT)
Received: by mail-qk0-x233.google.com with SMTP id k126so21764515qkb.4 for <homenet@ietf.org>; Tue, 29 Aug 2017 16:25:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=GB2cTi96LQ3rKjrtascfxo3KrpxcqHIkgf/o0kBN898=; b=CoDp4DNb62+z4mU2W1QDdmo+CNjAtLbemfR41CUh+nZ+Zb8cx7JGc2YBfStFuGDdfx iIrAhBvq319R6vIkMeUa0UGVNv4FuktAHLQ3PrY2+1fBuhHqSyltKw44SWhPoPiDAhmj nomKuJZINCCPCZhQaOro6OO/mrv9m4Qx2rI5clZk8/1ouD3qn++OrettBkPmcObK6Vi9 GgUmFsQ8b0Qtwtb5DOg0d67oI25CNdTOLwOpKC7r18SdyEvGzVhHhGDLrVmhd4D2dMpr W3I0Hane4eyMHVy34DVfgew4Nn0ddQaw2I8mnqAPr4vl6rtaphTbqTESzLLc+q4BXp4r TyeQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=GB2cTi96LQ3rKjrtascfxo3KrpxcqHIkgf/o0kBN898=; b=qtUCIl210RTCeyORszXBzvuyqPq1J5ZDGX5NrHIQlMp3DKtDjElaQdedVod4oVFIs1 dqe6jwtol/T3+oZKWmmvAfXtvD/11HzIJWoovqz6O7Pj0A7J6DFwtUu9DbYw3YuHVb5T cPmi3OWvN5GiyoVXyeGfY5dwiMvXPFdR274LRQJtCNS7DFP/u3cQZhYqhWB8yM3mhelm /egdoLZRnwSkBei3DLHwlABKRU8cAyNNw8lvK5dKqkdzfme7NZ7nAjVOLaijbCtGGiba EMWjtKk72+Px2aNU0F5U6TV0/9S7rklSOPclIYMdGmoYm6xhPER2pl4H4TQGJf6Sol0r t87Q==
X-Gm-Message-State: AHYfb5gXJRdQqiDrFnFYzZEU1/c0i9kC1f8U9jiOyxWRne2IPpkEG8Zj bWPcU/dqdBGntlQR
X-Received: by 10.55.73.212 with SMTP id w203mr8479724qka.115.1504049146485; Tue, 29 Aug 2017 16:25:46 -0700 (PDT)
Received: from cavall.ether.lede.home (c-24-60-163-103.hsd1.nh.comcast.net. [24.60.163.103]) by smtp.gmail.com with ESMTPSA id v11sm2733678qti.87.2017.08.29.16.25.44 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 29 Aug 2017 16:25:45 -0700 (PDT)
From: Ted Lemon <mellon@fugue.com>
Message-Id: <4B072264-2824-4433-A24D-DF5D2FD5A085@fugue.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_9B9FF9B6-762E-4B34-8BD4-C45CE1938AFD"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Tue, 29 Aug 2017 19:25:44 -0400
In-Reply-To: <150357360963.24287.5193275103043411365@ietfa.amsl.com>
Cc: General area reviewing team <gen-art@ietf.org>, draft-ietf-homenet-dot.all@ietf.org, HOMENET <homenet@ietf.org>
To: Dale Worley <worley@ariadne.com>
References: <150357360963.24287.5193275103043411365@ietfa.amsl.com>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/2lI7gUqYVNZ1JAInkWICdaJ22DU>
Subject: Re: [homenet] Genart last call review of draft-ietf-homenet-dot-12
X-BeenThere: homenet@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF Homenet WG mailing list <homenet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/homenet>, <mailto:homenet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/homenet/>
List-Post: <mailto:homenet@ietf.org>
List-Help: <mailto:homenet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/homenet>, <mailto:homenet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Aug 2017 23:25:52 -0000
El Aug 24, 2017, a les 7:20 AM, Dale Worley <worley@ariadne.com> va escriure: > 4. Domain Name Reservation Considerations > > 3. Name resolution APIs MUST send queries for such > names to a recursive DNS server that is configured to be > authoritative for the 'home.arpa.' zone appropriate to the > homenet. > > If I understand the terminology correctly, this rules out sending the > query to a DNS server that recursively sends the query to a server > that is authoritative for home.arpa. If that is intended and there > are technical reasons for making this prescription, that's OK, but I > want to check that that is intended, as this rule is stricter than the > similar rule in the second paragraph of item 4, which is qualified > "Unless configured otherwise". Wow. The text here is just flat wrong: recursive name servers aren't authoritative. You can of course combine them, but this text doesn't agree with some other text later in the document. What the text is supposed to be saying is that the stub resolver has to use the recursive resolver that was provided by the network; if it uses a manually configured resolver, it may get the wrong answer. I will have to rework this text—thanks so much for calling this to my attention, even though what you noticed isn't exactly what's wrong! :) As for the discrepancy itself, the reason for this is that recursive resolvers are supposed to stop home.arpa queries leaking to the root, whereas stub resolvers can (must!) fob that responsibility off on the recursive resolver. If they are configured to send these queries to, e.g., 8.8.8.8, we just have to hope that google doesn't forward them to the root (as would be consistent with the text in item 4). > There are 5 paragraphs under item 4. It might be worth giving them > separate numbers, or if they truly form a unified topic, giving them > sub-numbers 4a, 4b, etc. I've updated the document to separate this out into three lettered subheads. We can't change the numbering, because that's required by RFC 6761, but I agree that it's clearer if the three separate topics are split out. > In context what this means is clear, but its literal meaning is > sufficiently incorrect that I think it could be clarified, perhaps to > > Therefore, the only delegation that will allow names under > 'home.arpa.' to be resolved by a validating resolver that is not > aware of the local meaning is an insecure delegation, as in > [RFC6303] section 7. I like the new text, and have copied it into the document. Thanks!
- [homenet] Genart last call review of draft-ietf-h… Dale Worley
- Re: [homenet] Genart last call review of draft-ie… Ted Lemon
- Re: [homenet] Genart last call review of draft-ie… Mark Andrews
- Re: [homenet] Genart last call review of draft-ie… Dale R. Worley
- Re: [homenet] Genart last call review of draft-ie… Ted Lemon