IETF Logo Mail Archive

[dnsext] NSEC4

Miek Gieben <miek@miek.nl> Wed, 04 January 2012 09:29 UTC

Return-Path: <dnsext-bounces@ietf.org>
X-Original-To: namedroppers-archive-gleetwall6@lists.ietf.org
Delivered-To: ietfarch-namedroppers-archive-gleetwall6@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E85CC21F8670; Wed, 4 Jan 2012 01:29:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1325669391; bh=f2PGI/MaraT3s+rrOzyOrWMafsmUNJpRyvVeAlkJ1lw=; h=Date:From:To:Message-ID:MIME-Version:Subject:List-Id: List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe: Content-Type:Sender; b=GSi4REJqAtWf/yNlujyfke29PHmVvm/zzWMEaHsbqtbgYvtXrNUeBjoyjMstqZ6Qk 0yhQzgfX0XD5keipEHfqdPCoGaoP5iXg+UGt+t7P6Y+tzNa4kNaE4CLZVaWl74IEOF PwCh5zVBTcoQ80SyGQqH1iCo9qthJ7aN8UdwwGmg=
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED08C21F864D for <dnsext@ietfa.amsl.com>; Wed, 4 Jan 2012 01:29:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.298
X-Spam-Level:
X-Spam-Status: No, score=-2.298 tagged_above=-999 required=5 tests=[AWL=0.302, BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X49Ey9YwAn6A for <dnsext@ietfa.amsl.com>; Wed, 4 Jan 2012 01:29:47 -0800 (PST)
Received: from elektron.atoom.net (cl-201.ede-01.nl.sixxs.net [IPv6:2001:7b8:2ff:c8::2]) by ietfa.amsl.com (Postfix) with ESMTP id 69C9F21F8600 for <dnsext@ietf.org>; Wed, 4 Jan 2012 01:29:47 -0800 (PST)
Received: by elektron.atoom.net (Postfix, from userid 1000) id 9060B3FFFB; Wed, 4 Jan 2012 10:29:46 +0100 (CET)
Date: Wed, 04 Jan 2012 10:29:46 +0100
From: Miek Gieben <miek@miek.nl>
To: dnsext list <dnsext@ietf.org>
Message-ID: <20120104092946.GA4199@miek.nl>
Mail-Followup-To: dnsext list <dnsext@ietf.org>
MIME-Version: 1.0
User-Agent: Vim/Mutt/Linux
X-Home: http://www.miek.nl
Subject: [dnsext] NSEC4
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0808582565711690592=="
Sender: dnsext-bounces@ietf.org
Errors-To: dnsext-bounces@ietf.org

Dear dnsext,

We have written down a little experiment that we have performed, called NSEC4.
The goal of the experiment was to optimize denial of existence records.
It is not our intention to standardize this, as we are aware of the backwards
compatibility issues this has with the current DNSSEC family RFCs, and we do
not want to discomfort the ongoing DNSSEC deployment.

However, we do want to document this to archive the insights we have gained
by doing this experiment. Therefor, we have submitted the following draft:

    http://www.ietf.org/id/draft-gieben-nsec4-00.txt

This experiment resolves two things:
* Reduces the size of the denial of existence response;
* Adds Opt-Out to un-hashed names.

We would be grateful if you would like to read this.

Our question is what is the best place to archive this? Re-reading RFC 2026,
we are considering to put this on the experimental non-standards track.

Thoughts?

Best regards,

Miek Gieben,
Matthijs Mekking

_______________________________________________
dnsext mailing list
dnsext@ietf.org
https://www.ietf.org/mailman/listinfo/dnsext

v2.23.0 | Report a Bug | By Email