Re: [v6ops] Fwd: draft-palet-v6ops-nat64-deployment-02 comments

<nick.heatley@bt.com> Wed, 04 July 2018 08:04 UTC

From: nick.heatley@bt.com
To: cb.list6@gmail.com, fredbaker.ietf@gmail.com
CC: v6ops@ietf.org
Date: Wed, 04 Jul 2018 08:03:35 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/_xJONwbmSXfP4NS1tTMpeWdUJD4>

I find this a useful draft; this problematic outcome that the draft seeks to avoid will exist.
The draft is worthy of consideration.

From: v6ops [mailto:v6ops-bounces@ietf.org] On Behalf Of Ca By
Sent: 03 July 2018 20:37
To: Fred Baker <fredbaker.ietf@gmail.com>
Cc: v6ops@ietf.org WG <v6ops@ietf.org>
Subject: Re: [v6ops] Fwd: draft-palet-v6ops-nat64-deployment-02 comments



On Tue, Jul 3, 2018 at 10:11 AM Fred Baker <fredbaker.ietf@gmail.com> wrote:
A general note. I have wondered aloud about interest in several new drafts, and managed to miss Cameron's:

https://datatracker.ietf.org/doc/draft-byrne-v6ops-dnssecaaaa
https://tools.ietf.org/html/draft-byrne-v6ops-dnssecaaaa
  "DNSSEC Resource Record Should Include AAAA", Cameron Byrne, 2018-07-01,

If you want it on the agenda in two weeks, now would be the time to say so.

No, I will not be present.

But I am interested in folks sending feedback on if this is useful. The goal of this I-D is to harmonize DNS64 and DNSSEC deployment with an ideal solution, as opposed to falling into a worst case where folks pick one or the other.



> Begin forwarded message:
>
> From: Ca By <cb.list6@gmail.com>
> Subject: Re: [v6ops] draft-palet-v6ops-nat64-deployment-02 comments
> Date: July 2, 2018 at 2:55:09 PM PDT
> To: Fred Baker <fredbaker.ietf@gmail.com>
> Cc: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>, "v6ops@ietf.org list" <v6ops@ietf.org>
>
>
>
> On Mon, Jul 2, 2018 at 1:41 PM Fred Baker <fredbaker.ietf@gmail.com> wrote:
>
>
> > On Jul 2, 2018, at 1:17 PM, JORDI PALET MARTINEZ <jordi.palet@consulintel.es> wrote:
> >
> > DNSSEC is *only* broken if the dual-stack host is doing DNSSEC validation over the synthetized AAAA.
>
> So you're worried about DNSSEC validation working through NAT64 in the case that the host is using the DNS service in the IPv4 network through the NAT64 device.
>
> That doesn't have anything to do with DNS64; in a 464XLAT network, if we believe RFC 6877, the issue you raise happens in the absence of DNS64.
>
> A good position for the IETF to take is that one should only produce a signed A if they can also produce a signed AAAA, which is not a tall order these days.
>
> https://tools.ietf.org/html/draft-byrne-v6ops-dnssecaaaa-00
>
>
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
