IETF Logo Mail Archive

Re: [dnsext] draft-ietf-dnsext-dnssec-algo-signal-07.txt

Paul Hoffman <paul.hoffman@vpnc.org> Tue, 17 July 2012 19:05 UTC

Return-Path: <dnsext-bounces@ietf.org>
X-Original-To: namedroppers-archive-gleetwall6@lists.ietf.org
Delivered-To: ietfarch-namedroppers-archive-gleetwall6@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D8E2A21F8638; Tue, 17 Jul 2012 12:05:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1342551946; bh=5sp+twklZLAjV+MmBSiV/4rTbRvEEf6fIK/6evuQ2hA=; h=Mime-Version:From:In-Reply-To:Date:Message-Id:References:To:Cc: Subject:List-Id:List-Unsubscribe:List-Archive:List-Post:List-Help: List-Subscribe:Content-Type:Content-Transfer-Encoding:Sender; b=u4DXAK6OpYnwVJWocxPOWTGO10gvC9posEl6s0TUgfGCCaLQEPMs3tJiwTV2gfEic CuvHcvof+RcCTpYRdkJJbwId84nsPvrcQqzaRksJ4ngqQFN3RQKZjd8WJPI63ZH439 XB+XfIb0NIjB++ljpEQ/wEDpy0pjzpHeuaSNGbzA=
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FB6E21F8638 for <dnsext@ietfa.amsl.com>; Tue, 17 Jul 2012 12:05:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.427
X-Spam-Level:
X-Spam-Status: No, score=-102.427 tagged_above=-999 required=5 tests=[AWL=-0.128, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gf3T5N3ss+n5 for <dnsext@ietfa.amsl.com>; Tue, 17 Jul 2012 12:05:45 -0700 (PDT)
Received: from hoffman.proper.com (IPv6.Hoffman.Proper.COM [IPv6:2605:8e00:100:41::81]) by ietfa.amsl.com (Postfix) with ESMTP id 8024521F8624 for <dnsext@ietf.org>; Tue, 17 Jul 2012 12:05:45 -0700 (PDT)
Received: from [10.20.30.102] (50-1-50-97.dsl.dynamic.fusionbroadband.com [50.1.50.97]) (authenticated bits=0) by hoffman.proper.com (8.14.5/8.14.5) with ESMTP id q6HIKRqF001798 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Tue, 17 Jul 2012 11:20:28 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
Mime-Version: 1.0 (Apple Message framework v1278)
From: Paul Hoffman <paul.hoffman@vpnc.org>
In-Reply-To: <F543CB66-BECE-4D5A-A46F-27A35DB05089@frobbit.se>
Date: Tue, 17 Jul 2012 12:06:25 -0700
Message-Id: <3604D7DA-3A1F-475F-8EB1-1787BF8A3023@vpnc.org>
References: <6EC11B57-B164-4214-AADE-E552D9B21753@frobbit.se> <85D2BE55-4028-468E-A07B-4F3B7406B68A@vpnc.org> <5A201A57-A13E-4021-A012-CEA37DA5DBED@shinkuro.com> <C9946CED-F26A-4BF3-9DF4-E910655270D7@vpnc.org> <F543CB66-BECE-4D5A-A46F-27A35DB05089@frobbit.se>
To: Patrik Fältström <patrik@frobbit.se>
X-Mailer: Apple Mail (2.1278)
Cc: dnsext@ietf.org
Subject: Re: [dnsext] draft-ietf-dnsext-dnssec-algo-signal-07.txt
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Sender: dnsext-bounces@ietf.org
Errors-To: dnsext-bounces@ietf.org

On Jul 17, 2012, at 11:54 AM, Patrik Fältström wrote:

> Is this existence of this parameter for you a blocking factor for this document?

I thought I was clear in my earlier message: no, not blocking. I bring it up now because it is a useless addition that is trivial to remove.

> I do not mind if you expand a bit because I must as shepherd of this document understand whether what you feel is something that still is in the rough part of rough consensus, and if so that your view should be paused until there is IETF last call and your input goes to IESG.

I say "useless" because, unlike NAPTR, the ordering of the lists is optional. Because of this, the optionality of the preference ordering makes the ordering useless. That is, if I say I know "SHA1, SHA256" you don't know if I prefer SHA1 (because it's shorter, and I don't care about anything above 60 bits of strength) or whether I have no preference and listed them in numeric order or whether that order was set by my software. That is, you cannot determine if my order is surprising or uninteresting. This invalidates any value to the ordering.

If the WG leaves in the ordering, I believe that we need to add "however, interpreting the order in answers will lead to wrong conclusions". If I'm wrong and someone can show how a recipient can tell the difference between answers that were ordered on purpose and those that were not, that's great: we can add it to the draft.

> I can understand if you see these kind of parameters in DNS "go away", but so far we have sort of used them in many RR Types, and maybe what you ask for is a generic change in how we design new RR Types. But the question is whether *THIS* document should be where we take that step on "generic design decisions".

I do *not* want the parameters to go away: I said that I support the publication of this document. All I am saying is that the optional ordering is useless and will cause problems for validators ("where do I read why I should have a preference") and zones who make false assumptions on the order seen.

--Paul Hoffman

_______________________________________________
dnsext mailing list
dnsext@ietf.org
https://www.ietf.org/mailman/listinfo/dnsext

v2.23.0 | Report a Bug | By Email