Re: [saag] [dnsext] draft-rafiee-cga-tsig-00 - call for more comments
"Rafiee, Hosnieh" <rafiee@hpi.uni-potsdam.de> Tue, 09 October 2012 11:13 UTC
From: "Rafiee, Hosnieh" <rafiee@hpi.uni-potsdam.de>
To: "dnsext@ietf.org" <dnsext@ietf.org>
Date: Tue, 09 Oct 2012 13:13:32 +0200
Cc: "DNSOP@ietf.org" <DNSOP@ietf.org>, "Int-area@ietf.org" <Int-area@ietf.org>, "v6ops@ietf.org" <v6ops@ietf.org>, "ipv6@ietf.org" <ipv6@ietf.org>, "saag@ietf.org" <saag@ietf.org>
Subject: Re: [saag] [dnsext] draft-rafiee-cga-tsig-00 - call for more comments

More ideas and comments would be greatly appreciated as I want to upload a new version of my draft RFC in which I will incorporate applicable comments.

-----Original Message-----
From: Rafiee, Hosnieh
Sent: Thursday, October 04, 2012 9:28 AM
To: 'Mark Andrews'
Cc: dnsext@ietf.org
Subject: RE: [dnsext] draft-rafiee-cga-tsig-00 - request for comments

Thank you, I will change it and move the whole CGA-TSIG DATA inside the Other DATA.

-----Original Message-----
From: Mark Andrews [mailto:marka@isc.org]
Sent: Thursday, October 04, 2012 9:15 AM
To: Rafiee, Hosnieh
Cc: dnsext@ietf.org
Subject: Re: [dnsext] draft-rafiee-cga-tsig-00 - request for comments

In message <EA738325B0580041A50A364F5F76B68924CD4EAD36@8MXMA1R.hpi.uni-potsdam.de>, "Rafiee, Hosnieh" writes:
> Hello Mark,
> Thank you for your comment. Yes can be, but the reason is the TSIG
> parsers need to be adapted with this new algorithm and it is not
> different whether to put it in Other DATA or after Other DATA field.
> Because Other Data has variable length too like the CGA-TSIG DATA.
> If I missed something please advise.

It is different. Examine the behaviour of CGA-TSIG client talking to a non CGA-TSIG aware server. The response to using an unknown algorithm should be BADKEY not FORMERR because the server couldn't parse the TSIG record.

Mark

> Thank you.
> Hosnieh
> -----Original Message-----
> From: Mark Andrews [mailto:marka@isc.org]
> Sent: Thursday, October 04, 2012 8:45 AM
> To: Rafiee, Hosnieh
> Cc: dnsext@ietf.org
> Subject: Re: [dnsext] draft-rafiee-cga-tsig-00 - request for comments
>
>
> Why are the CGA parameters not part of other data? That field was
> added to TSIG to hold stuff similar to CGA parameters. By making it
> a separate field you break all existing TSIG parsers. The CGA
> parameters could just be defined to be the initial part of other data.
>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: marka@isc.org

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
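
The BADKEY versus FORMERR difference discussed in the thread above, as an added example that is not part of the original messages or of the draft: a simplified model of a server that parses RFC 2845 TSIG RDATA but knows nothing of CGA-TSIG. Assumptions: the algorithm name `cga-tsig.example.` is a placeholder, the CGA bytes are constructed, the parser rejects RDATA that is not fully consumed, and the result strings are labels chosen for this sketch.

```python
import struct

KNOWN_ALGS = {"hmac-sha256."}   # algorithms the legacy server implements
CGA_ALG = "cga-tsig.example."   # placeholder name, not taken from the draft

def encode_name(name):          # uncompressed DNS wire-format name
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_rdata(alg, mac, other=b"", trailer=b""):
    """TSIG RDATA (RFC 2845); `trailer` models a field appended after Other Data."""
    return (encode_name(alg)
            + struct.pack("!HIH", 0, 1349781212, 300)    # time signed (48 bits), fudge
            + struct.pack("!H", len(mac)) + mac          # MAC size, MAC
            + struct.pack("!HHH", 0x1234, 0, len(other)) + other  # orig ID, error, other len
            + trailer)

def take(buf, pos, n):
    if pos + n > len(buf):
        raise ValueError("truncated")
    return buf[pos:pos + n], pos + n

def legacy_server_result(rdata):
    """Outcome at a server that knows RFC 2845 TSIG but not CGA-TSIG."""
    try:
        pos, labels = 0, []
        while True:                                      # algorithm name
            b, pos = take(rdata, pos, 1)
            if b[0] == 0:
                break
            label, pos = take(rdata, pos, b[0])
            labels.append(label.decode("ascii").lower())
        _, pos = take(rdata, pos, 8)                     # time signed + fudge
        b, pos = take(rdata, pos, 2)
        _, pos = take(rdata, pos, struct.unpack("!H", b)[0])   # MAC
        _, pos = take(rdata, pos, 4)                     # original ID + error
        b, pos = take(rdata, pos, 2)
        _, pos = take(rdata, pos, struct.unpack("!H", b)[0])   # Other Data
        if pos != len(rdata):
            raise ValueError("bytes left after Other Data")
    except ValueError:
        return "FORMERR"                                 # record could not be parsed
    alg = ".".join(labels) + "."
    return "VERIFY-MAC" if alg in KNOWN_ALGS else "BADKEY"

def demo():
    cga, sig = b"\x01" * 40, b"\x02" * 64   # constructed CGA parameters and signature
    return {"in_other_data": legacy_server_result(build_rdata(CGA_ALG, sig, other=cga)),
            "after_other_data": legacy_server_result(build_rdata(CGA_ALG, sig, trailer=cga))}
```

With the CGA parameters inside Other Data the record still parses and the server can reject the unknown algorithm cleanly; appended as a separate field, the same bytes make the record unparseable.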