Re: [lamps] CAA Simplification draft

fujiwara@jprs.co.jp Tue, 19 September 2017 10:20 UTC

Date: Tue, 19 Sep 2017 19:20:08 +0900
Message-Id: <20170919.192008.787143344501911357.fujiwara@jprs.co.jp>
To: jsha@eff.org
Cc: spasm@ietf.org
From: fujiwara@jprs.co.jp
In-Reply-To: <02d4e149-b777-5b5c-1cd0-a2c2aae49311@eff.org>
References: <02d4e149-b777-5b5c-1cd0-a2c2aae49311@eff.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/4wG8uXvEb3KkuDpuZ2KU9bq6wkE>
Subject: Re: [lamps] CAA Simplification draft

I did not know about RFC 6844 and was surprised about "tree climbing"
and "CNAME".

> From: Jacob Hoffman-Andrews <jsha@eff.org>
> https://www.ietf.org/id/draft-hoffman-andrews-caa-simplification-00.txt

I checked the differences between RFC 6844 and the draft.
https://tools.ietf.org/rfcdiff?url1=https://tools.ietf.org/rfc/rfc6844.txt&url2=https://www.ietf.org/id/draft-hoffman-andrews-caa-simplification-01.txt

I have some comments.

- Current draft has some formatting mistakes.

  current text: $ORIGIN example.com .  CAA 0 issue "ca.example.net"

  should be   (from RFC 6844)

  rfc6844:  $ORIGIN example.com
  rfc6844:  .  CAA 0 issue "ca.example.net"

  However, I would like to suggest removing "$ORIGIN" and adding a trailing
  dot to domain names.

  proposed:  example.com. CAA 0 issue "ca.example.net"

- The current document still contains "tree climbing" and checks CAA RRs in TLDs.

  The tree climbing should stop at administrative domain boundaries.

  The "example.com." domain name owner does not want "com. CAA" to be checked.

  See (concluded) dbound WG and Public Suffix list discussions.
    https://tools.ietf.org/wg/dbound/
    https://publicsuffix.org/

- I like the prefixed record solution proposed at the IETF 99 lamps WG.
  https://datatracker.ietf.org/meeting/99/materials/slides-99-lamps-caabis/

  However, it is not compatible with RFC 6844.

Regards,

--
Kazunori Fujiwara, JPRS <fujiwara@jprs.co.jp>
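The lookup behaviour the second comment above argues about, as an added example (written for this page, not code from Fujiwara's post, from RFC 6844 or from the draft): an RFC 6844-style "tree climbing" walk that checks the name and then each parent for a CAA RRset, beside a variant that refuses to consult a public suffix or anything above it. The zone contents and the public-suffix set are constructed in-memory data, not real DNS or the real Public Suffix List; CNAME/DNAME following and the `issuewild` tag are deliberately left out.

```python
"""Added example (not part of the list post or the draft): CAA lookup with
RFC 6844-style tree climbing, with an optional stop at an administrative
(public suffix) boundary, against constructed in-memory data only."""
from typing import Dict, Iterator, List, Optional, Tuple

CaaRR = Tuple[int, str, str]  # (flags, tag, value)

# Constructed sample zone data: owner name -> CAA RRs.  Names are written
# fully qualified with a trailing dot, as the post proposes for the draft.
SAMPLE_CAA: Dict[str, List[CaaRR]] = {
    "example.com.": [(0, "issue", "ca.example.net")],
    "com.": [(0, "issue", ";")],  # hypothetical TLD-level record: ";" = no CA may issue
    "ca.example.org.": [(128, "issue", "other-ca.example; account=42")],
}

# Constructed stand-in for the Public Suffix List (https://publicsuffix.org/).
# A deployment would load the real list; this small set is an assumption.
SAMPLE_PUBLIC_SUFFIXES = {"com.", "org.", "co.uk.", "uk."}


def normalize(name: str) -> str:
    """Lower-case the name and make it absolute (single trailing dot)."""
    name = name.strip().lower()
    return name if name.endswith(".") else name + "."


def parents(name: str) -> Iterator[str]:
    """Yield the name itself, then each parent, stopping before the root."""
    labels = normalize(name).rstrip(".").split(".")
    for i in range(len(labels)):
        yield ".".join(labels[i:]) + "."


def is_public_suffix(name: str) -> bool:
    return normalize(name) in SAMPLE_PUBLIC_SUFFIXES


def relevant_caa(name: str, stop_at_public_suffix: bool = False) -> Optional[Tuple[str, List[CaaRR]]]:
    """Return (owner, rrset) of the first CAA RRset found while climbing, or None.

    stop_at_public_suffix=False: the RFC 6844 / draft walk (minus CNAME/DNAME).
    stop_at_public_suffix=True:  the walk ends when it would reach a public
    suffix, so a record at "com." can never govern "example.com."
    """
    for candidate in parents(name):
        if stop_at_public_suffix and is_public_suffix(candidate):
            return None
        rrset = SAMPLE_CAA.get(candidate)
        if rrset:
            return candidate, rrset
    return None


def issuers_from(rrset: List[CaaRR]) -> List[str]:
    """Issuer domains named by 'issue' properties; parameters after ';' are
    dropped, and a bare ';' yields an empty string (no issuer allowed)."""
    return [value.split(";", 1)[0].strip() for _, tag, value in rrset if tag == "issue"]


def issuance_permitted(name: str, ca: str, stop_at_public_suffix: bool = False) -> bool:
    """No relevant CAA RRset, or one without 'issue' properties: permitted.
    Otherwise the CA's domain must be named by an 'issue' property."""
    found = relevant_caa(name, stop_at_public_suffix)
    if found is None:
        return True
    issuers = issuers_from(found[1])
    if not issuers:
        return True
    return normalize(ca) in {normalize(i) for i in issuers if i}


if __name__ == "__main__":
    for n in ("www.example.com", "other.com", "ca.example.org"):
        print(n, relevant_caa(n), relevant_caa(n, stop_at_public_suffix=True))
```

Running the block shows the difference the post is about: "other.com" has no CAA record of its own, so the plain walk picks up the constructed record at "com." and refuses every CA, while the boundary-aware walk finds nothing and leaves issuance unrestricted.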