Re: [secdir] Secdir review of draft-ietf-behave-nat64-learn-analysis-03.txt
Samuel Weiler <weiler@watson.org> Wed, 11 April 2012 19:33 UTC
Return-Path: <weiler@watson.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 800B211E80B8 for <secdir@ietfa.amsl.com>; Wed, 11 Apr 2012 12:33:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I+ReT+0Yu7hG for <secdir@ietfa.amsl.com>; Wed, 11 Apr 2012 12:33:19 -0700 (PDT)
Received: from fledge.watson.org (fledge.watson.org [65.122.17.41]) by ietfa.amsl.com (Postfix) with ESMTP id E63E411E80B3 for <secdir@ietf.org>; Wed, 11 Apr 2012 12:33:18 -0700 (PDT)
Received: from fledge.watson.org (localhost.watson.org [127.0.0.1]) by fledge.watson.org (8.14.4/8.14.4) with ESMTP id q3BJXHJq042498; Wed, 11 Apr 2012 15:33:17 -0400 (EDT) (envelope-from weiler@watson.org)
Received: from localhost (weiler@localhost) by fledge.watson.org (8.14.4/8.14.4/Submit) with ESMTP id q3BJXHPh042492; Wed, 11 Apr 2012 15:33:17 -0400 (EDT) (envelope-from weiler@watson.org)
X-Authentication-Warning: fledge.watson.org: weiler owned process doing -bs
Date: Wed, 11 Apr 2012 15:33:17 -0400
From: Samuel Weiler <weiler@watson.org>
To: Alexey Melnikov <alexey.melnikov@isode.com>
In-Reply-To: <4F842A4D.1000205@isode.com>
Message-ID: <alpine.BSF.2.00.1204111528300.19341@fledge.watson.org>
References: <4F842937.9050305@isode.com> <4F842A4D.1000205@isode.com>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format="flowed"; charset="US-ASCII"
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.3 (fledge.watson.org [127.0.0.1]); Wed, 11 Apr 2012 15:33:18 -0400 (EDT)
Cc: secdir@ietf.org
Subject: Re: [secdir] Secdir review of draft-ietf-behave-nat64-learn-analysis-03.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: secdir-secretary@mit.edu
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Apr 2012 19:33:19 -0000
On Tue, 10 Apr 2012, Alexey Melnikov wrote: > I have to admit that my knowledge of DNSSEC is lacking, so can somebody help > me answer this question (which I didn't mention in my SecDir review): > > 5.2. EDNS0 option indicating AAAA Record synthesis and format ... > EDNS0 option [RFC2671], which contained 3 flag bits (called SY-bits). ... > Will DNS64 insertion of this option invalid DNSSEC signature? No. EDNS0 "stuff" is not DNSSEC-signed. I'm not familiar with the cited proposal, but it looks like a poor choice for the task -- EDNS0 "stuff" is hop-by-hop, and this look like data that should persist through the network. -- Sam
- [secdir] Secdir review of draft-ietf-behave-nat64… Alexey Melnikov
- Re: [secdir] Secdir review of draft-ietf-behave-n… Alexey Melnikov
- Re: [secdir] Secdir review of draft-ietf-behave-n… jouni korhonen
- Re: [secdir] Secdir review of draft-ietf-behave-n… David Harrington
- Re: [secdir] Secdir review of draft-ietf-behave-n… jouni korhonen
- Re: [secdir] Secdir review of draft-ietf-behave-n… jouni korhonen
- Re: [secdir] Secdir review of draft-ietf-behave-n… Alexey Melnikov
- Re: [secdir] Secdir review of draft-ietf-behave-n… Alexey Melnikov
- Re: [secdir] Secdir review of draft-ietf-behave-n… Samuel Weiler
- Re: [secdir] Secdir review of draft-ietf-behave-n… Samuel Weiler
- Re: [secdir] Secdir review of draft-ietf-behave-n… Samuel Weiler
- Re: [secdir] Secdir review of draft-ietf-behave-n… jouni korhonen
- Re: [secdir] Secdir review of draft-ietf-behave-n… Samuel Weiler