Re: [homenet] Dnsdir telechat review of draft-ietf-homenet-front-end-naming-delegation-18

Michael Richardson <mcr+ietf@sandelman.ca> Mon, 17 October 2022 13:40 UTC

From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Matt Brown <ietf@mattb.net.nz>, dnsdir@ietf.org, draft-ietf-homenet-front-end-naming-delegation.all@ietf.org, homenet@ietf.org, last-call@ietf.org
In-reply-to: <166601224491.24452.9575096761631204136@ietfa.amsl.com>
References: <166601224491.24452.9575096761631204136@ietfa.amsl.com>
Comments: In-reply-to Matt Brown via Datatracker <noreply@ietf.org> message dated "Mon, 17 Oct 2022 06:10:44 -0700."
Date: Mon, 17 Oct 2022 09:40:19 -0400
Message-ID: <183330.1666014019@dyas>
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/B6Qif6stDXUo0ctj6YR5vP1_WWg>

Thank you for this review!
You did a very good job.

Matt Brown via Datatracker <noreply@ietf.org> wrote:
    > Homenet Zone is highly likely to be the same IP with an open DNS
    > port for the DM to connect to for XFR, and while the relationship
    > in IPv6 is not as straightforward given the likely use of privacy
    > addressing, etc it's not particularly hard to scan the enclosing
    > /64 or beyond for an address with an open DNS port.

18 quintillion addresses is quite a lot :-)
It's not easy to scan.  Maybe you had some 

Here is a discussion in 6man, about using a browser to scan the IPv6-LL
of a local LAN:
  https://mailarchive.ietf.org/arch/msg/ipv6/YDRrY71hxhQBdMGLS-XByHS1f7I/

The other points are interesting, and I'll need to think about your
editorial suggestions about what order to present things in.

-- 
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-