Re: [homenet] I-D Action: draft-ietf-homenet-dot-11.txt (FINAL?)

Mark Andrews <marka@isc.org> Wed, 09 August 2017 03:17 UTC

To: Ted Lemon <mellon@fugue.com>
Cc: HOMENET <homenet@ietf.org>, Warren Kumari <warren@kumari.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/2uoQjvcuoC2jIqKdvEWNu15aYaY>

In message <79597E4D-DEC0-4622-A410-003B45EB5E6A@fugue.com>, Ted Lemon writes:
> I updated homenet-dot with the change that Mark requested regarding
> signed, unsigned and insecure delegations.   I believe the text is
> correct now, but would appreciate a sanity check.   Otherwise, I think
> it's up to the chairs to make the next move.

I would explicitly list DS home.arpa as an exception.  (I had to file
a bug report against a recursive server that failed to have this
exception this week for AS112 zones.  The bug has been fixed.)  Also
I wouldn't be using '.home.arpa.' as we also want to stop queries
for 'home.arpa' leaving the home.  There are a couple of references
to '.home.arpa'.

e.g.

Old:
   DNS queries for names ending with '.home.arpa.' are resolved using
   local resolvers on the homenet.  Such queries MUST NOT be recursively
   forwarded to servers outside the logical boundaries of the homenet.

New:
   DNS queries for names ending with 'home.arpa.' are resolved using
   local resolvers on the homenet.  Such queries MUST NOT be recursively
   forwarded to servers outside the logical boundaries of the homenet with
   the exception of DS lookups for 'home.arpa.'.

Mark

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org
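
The rule in the proposed "New" text above, written out as a resolver forwarding check. This is an added example, not code from the draft, from this message or from any resolver implementation; the function names are hypothetical, and names are assumed to be plain presentation format without escaped dots.

```python
# Added example: forwarding policy sketch for a homenet recursive resolver.
# All names here are hypothetical; sample queries in the test are constructed.

HOME_ZONE = ("home", "arpa")  # labels of 'home.arpa.'


def labels(qname: str) -> tuple:
    """Split a name into lowercase labels.

    DNS names compare case-insensitively and may or may not carry the
    trailing root dot, so both differences are normalised away.
    """
    name = qname.rstrip(".").lower()
    return tuple(name.split(".")) if name else ()


def in_home_zone(qname: str) -> bool:
    """True for 'home.arpa.' itself and for every name beneath it.

    Comparing whole labels covers the apex, which a '.home.arpa.' string
    suffix test would miss, and does not match 'nothome.arpa.'.
    """
    return labels(qname)[-len(HOME_ZONE):] == HOME_ZONE


def may_forward_outside(qname: str, qtype: str) -> bool:
    """Decide whether a query may be sent to servers outside the homenet."""
    if not in_home_zone(qname):
        return True  # ordinary name, normal recursion applies
    # Single exception: DS at the zone apex. DS records are served by the
    # parent zone ('arpa.'), so a validating resolver has to ask outside
    # to learn how the 'home.arpa.' delegation is signed.
    # DS for names *below* the apex is answered by the local zone.
    return qtype.upper() == "DS" and labels(qname) == HOME_ZONE
```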