RE: DNS for Cloud Resources in draft-ietf-rtgwg-net2cloud-problem-statement-08
"Hollenbeck, Scott" <shollenbeck@verisign.com> Thu, 19 March 2020 11:33 UTC
Return-Path: <shollenbeck@verisign.com>
X-Original-To: rtgwg@ietfa.amsl.com
Delivered-To: rtgwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 598E53A27B6; Thu, 19 Mar 2020 04:33:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.088
X-Spam-Level:
X-Spam-Status: No, score=-2.088 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, T_SPF_TEMPERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3GqScW14dWDi; Thu, 19 Mar 2020 04:33:39 -0700 (PDT)
Received: from mail1.verisign.com (mail1.verisign.com [72.13.63.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F00C33A27B5; Thu, 19 Mar 2020 04:33:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=2882; q=dns/txt; s=VRSN; t=1584617620; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=CB6/RpjIP0ID8MdTuyKoHu7vT7qhG5dM5ay18n7gWAg=; b=jaACm/YQikAPnN59JCVfBjBQCkVPY9Q0lQs7L+q8D5tB446/bksK0cos bE/xwIUetDknwWxA7nbFlBqabbKYSJsOb2b+56+VtR+6W6NkxNvYCLlff xwpAwXGAGZuD+bowwX+gDJUox5tiYfjiM+b5dxb/SLmy+3jYC1BQ4+1yf naLVhVFOu80fUMfIpONkbbLvS1W4D32G3lhk3oUqY2PiAJX86dWd8foyp aNBEbl29UUMHjr2Jbnq5yO06UTyXJS85eJPXUVUAZyyaiAykuLAhk9ZiF Tq3/xxPIMAuVWy8EczvHK/qR3+xyiygOa30vAJyv8Cp2+d//vgOXZspB1 w==;
IronPort-SDR: 8YQ28AgDQJGVV+EwKdbBdL94KKf1w6vokPWju2DUsZCKYJgGLwrY7qx+9LcWjuIbKWQWaZ7ZXt hsfwH+WzuRfzSBFoG1Vg2I0b19LM9LWobxbbcjJBJbbpoPDWW4tcUgcdyjiHn7bPepUhrDFABl 9qgLpAPRC4aal7l7fwUg7FA8qlbIkMymuqzG2tX9a0JYo+EabglHikOoJHM0oiFKPPW0KILlNO xZt3B6bWBXWSLOcHVDn+txLW9EttSw5Bpiegt8IP5TEi2zZ+dgbkI1OXaNmcy+XMRgijd04yqS Fx8=
X-IronPort-AV: E=Sophos;i="5.70,571,1574121600"; d="scan'208";a="1035207"
IronPort-PHdr: 9a23:60vf3hGPa6vVmAZjEZQuCp1GYnF86YWxBRYc798ds5kLTJ76ps65bnLW6fgltlLVR4KTs6sC17OK9fm7CCdav96oizMrTt9lb1c9k8IYnggtUoauKHbQC7rUVRE8B9lIT1R//nu2YgB/Ecf6YEDO8DXptWZBUhrwOhBoKevrB4Xck9q41/yo+53Ufg5EmCexbal9IRmrogjdrNQajIVmJ6o+1BfEo2ZDdvhLy29vOV+ckBHw69uq8pV+6SpQofUh98BBUaX+Yas1SKFTASolPW4o+sDlrAHPQgST6HQSVGUWiQdIDBPe7B7mRJfxszD1ufR71SKHIMD5V7E0WTCl76d2VB/ljToMOjAl/G3LjMF7kaRWqw+jqRNi2Y7ZeIGbOuRjcKPBc90URmRBUcRQVyNdDY2zYJACD/YYPeZas4Xxu0cCoQW4CAKxBO3v0DhIhnru0KE00eohFgXG3Ag+ENIIq3vbssn6NKQKXeuo0afH0TLDb+9K2Tvz9YPFdQshofGLXbJ0dcre108vGBjbgVqMqozoJC2V2foXs2ia9OpgVO2vi2g9pw5tpTivw94hh4/UjYwbzVDE8D92wIczJdCgSU50f8KkEJVKuyGdLYt2TdsuQ2Z1uCYmzr0Gvpm7fCsQxJs7wB7fbuSLc5WT4h76SOmePy14hG5/dLKwgBay71Csx+LgWsm6zVZKsjdFksPSuXEDyRPT69KLRed6/kek3zuEygPd6vlcLEwpiabXMYMtz7w+m5YJrEjOHiH7lF/5gaKVbkko5/Sk5/76brjkupOQLZJ4hw79P6g0h8CyAvw0MgYQUGWY5eix0bju8E/lT7lWlPI7l7TVv4zGKskepqO2HhFa0ogm5hu7EjipzcoXkH8aJ1xfYh2HlZLmO1TWLfD9CvewnkqjnS9wx/DDIr3hGpLNLmXfkLv5fbZy9UpcyA0rwN1C+5xaEqwNL/LrVEH+tdPUEgI1Pxaqw+n7D9V9zJseVXiVDaCEKq/Sr0WI5vkpI+WWeIAVvzP9J+Ak5/7ok3A5hUcQcbS10ZcNdXy1HPprL1+EbXfsjNoNC2gHswkmQOzvklKCUDpTZ3ioX6I74zE2EJmmDYfERoCphLyOwiG7EYZIaW9aCVCBCmnoeJueW/cNcyKSI8BhkjoeWbe9TI8h0AmitBXmxLp/MurU5ioYuIrn1Nh04e3ciAs9+SZpAMSA1WGCVHt7nnkTSj84waB/vVF9yk2d3ql2nfNYFMZf6O9OUgc/LZTc1fB1C8juWgLdedeEUEupQtO9ATE2VtI82N4ObFhhG9WslBzD2DCqA7ANnbyRGJM06r7c32T2J8tl0XbGyKYhjlcpQsZUNG2pmLJ/9wbJC47OiUWZmPXiSaNJlirM8muKi2aTuktRSiZ+TLnYR30Aa0qQptP8rAuWS76oBb1hPhZHw8eYAqVXdsDzgEpLRbHoP9GIMEyrnGLlTzaPwreBaoDncGZZlB7WD1QY2UhH5naBMQwzAC2sqGH2EjF0FEnubEWq+u57/iDoBnQoxh2HOhUyn4G+/QQY0KSR
X-IPAS-Result: A2H3AAA2V3Ne/zCZrQpmGwEBAQEBAQEFAQEBEQEBAwMBAQGBe4MVgTEKlSKbQQkBAQEBAQEBAQEHASMMBAEBAoFkgl0Cgj84EwIDAQELAQEBBQEBAQEBBQMBAQEChj8BC4I7InZxAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBBQJDOB0xAQEBAQM6PwwEAgEIEQQBAR8QMh0IAQEEDgUIgxkEAoJKAz2rf4InhElBQYJSA4IkBoE4jEiBQj6BEYMUPoJkAgIBARiHOASOBokEmTkDB4I8h1ePGyWbS4Roih6JAo9KgxUCBAIEBQIVgWkwgUtwUIJsUBgNkhCFFIVBdAIBjhOBEAEB
Received: from BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) by BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1913.5; Thu, 19 Mar 2020 07:32:21 -0400
Received: from BRN1WNEX02.vcorp.ad.vrsn.com ([fe80::7c0a:1cc:5def:9dde]) by BRN1WNEX02.vcorp.ad.vrsn.com ([fe80::7c0a:1cc:5def:9dde%4]) with mapi id 15.01.1913.005; Thu, 19 Mar 2020 07:32:21 -0400
From: "Hollenbeck, Scott" <shollenbeck@verisign.com>
To: "linda.dunbar@futurewei.com" <linda.dunbar@futurewei.com>
CC: "dnsop@ietf.org" <dnsop@ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Subject: RE: DNS for Cloud Resources in draft-ietf-rtgwg-net2cloud-problem-statement-08
Thread-Topic: DNS for Cloud Resources in draft-ietf-rtgwg-net2cloud-problem-statement-08
Thread-Index: AdX30T1GApKjttEGSSWK9TMIh4QhbwD4nIvwAHD7kZAAGp4JwA==
Date: Thu, 19 Mar 2020 11:32:21 +0000
Message-ID: <fa2ec2679794499d889a04b26bf82f15@verisign.com>
References: <a88c3dbefb2346239a4be8c11f37695f@verisign.com> <MWHPR1301MB20968A1806026073CF54B7F485F90@MWHPR1301MB2096.namprd13.prod.outlook.com> <MWHPR1301MB2096B90F6093903A500EC32F85F70@MWHPR1301MB2096.namprd13.prod.outlook.com>
In-Reply-To: <MWHPR1301MB2096B90F6093903A500EC32F85F70@MWHPR1301MB2096.namprd13.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.170.148.18]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtgwg/3hdzvnf9c61CgJg60qQIukztFQA>
X-BeenThere: rtgwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Routing Area Working Group <rtgwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtgwg/>
List-Post: <mailto:rtgwg@ietf.org>
List-Help: <mailto:rtgwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Mar 2020 11:33:45 -0000
You're welcome, and thanks for accepting the suggestion. Scott > -----Original Message----- > From: Linda Dunbar <linda.dunbar@futurewei.com> > Sent: Wednesday, March 18, 2020 6:54 PM > To: Hollenbeck, Scott <shollenbeck@verisign.com> > Cc: dnsop@ietf.org; rtgwg@ietf.org > Subject: [EXTERNAL] RE: DNS for Cloud Resources in draft-ietf-rtgwg- > net2cloud-problem-statement-08 > > Scott, > Here is the revised version with your suggested changes incorporated: > https://datatracker.ietf.org/doc/draft-ietf-rtgwg-net2cloud-problem- > statement/ > > > Thank you very much for the review and suggestion. > > Linda Dunbar > > -----Original Message----- > From: Linda Dunbar > Sent: Monday, March 16, 2020 12:01 PM > To: Hollenbeck, Scott <shollenbeck@verisign.com> > Cc: dnsop@ietf.org; rtgwg@ietf.org > Subject: RE: DNS for Cloud Resources in draft-ietf-rtgwg-net2cloud-problem- > statement-08 > > Scott, > > Thank you very much for the suggestion. Have changed the text per your > suggestion. Will upload the new version when the IETF submission opens up > next Monday. > > Linda > > -----Original Message----- > From: Hollenbeck, Scott <shollenbeck@verisign.com> > Sent: Wednesday, March 11, 2020 1:19 PM > To: Linda Dunbar <linda.dunbar@futurewei.com> > Cc: dnsop@ietf.org > Subject: DNS for Cloud Resources in draft-ietf-rtgwg-net2cloud-problem- > statement-08 > > (Sorry, this is a late response to a review request original sent to the dnsop > list on 11 February) > > Section 3.4 (DNS for Cloud Resources) includes these sentences: > > "Globally unique names do prevent any possibility of collision at the present > or in the future and they make DNSSEC trust manageable. It's not as if there > is or even could be some sort of shortage in available names that can be > used, especially when subdomains and the ability to delegate administrative > boundaries are considered." > > Could we make the last sentence stronger, perhaps with a statement like this > from the US CERT WPAD Name Collision Vulnerability alert dated May 23, > 2016? > > "Globally unique names do prevent any possibility of collision at the present > or in the future and they make DNSSEC trust manageable. Consider using a > registered and fully qualified domain name (FQDN) from global DNS as the > root for enterprise and other internal namespaces." > > https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fww > w.us-cert.gov%2Fncas%2Falerts%2FTA16- > 144A&data=02%7C01%7Clinda.dunbar%40futurewei.com%7Cc4a7c2f2e > 85741d5b8a308d7c5e8eef1%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C > 1%7C637195476559397274&sdata=vBnDcnkZ8Zsk7MT610GQOsRQVt7G > %2BLscbvwiDWXX%2Fvc%3D&reserved=0 > > The alert actually says "other internal namespace", but I think that's a typo. > > Scott
- RE: DNS for Cloud Resources in draft-ietf-rtgwg-n… Linda Dunbar
- RE: DNS for Cloud Resources in draft-ietf-rtgwg-n… Linda Dunbar
- RE: DNS for Cloud Resources in draft-ietf-rtgwg-n… Hollenbeck, Scott