[DNSOP]Re: Erik Kline's No Objection on draft-ietf-dnsop-dnssec-bootstrapping-08: (with COMMENT)
On Fri, May 10, 2024 at 10:12 PM Erik Kline wrote: > On Tue, May 7, 2024 at 12:59 AM Peter Thomassen wrote: > >> Hi Erik, >> >> Thanks for your review! >> >> On 5/5/24 00:18, Erik Kline via Datatracker wrote: >> > ## Comments >> > >> > ### S7 >> > >> > * Should there be some kind of registration or reservation for the >> "_dsboot" >> >meaning and usage described in this document? >> The authors were wondering as well. >> >> We figured that unlike in case of the existing underscore registry, the >> issue seems less pressing: >> >> The _dsboot etc. labels are under the "main" underscore label right in >> front of the nameserver name. As a result, the signaling type label (like >> _dsboot) is somewhat "shielded", in the sense that they are only used under >> the signaling mechanism, i.e., by DNS operators announcing stuff about >> their managed zones. Given the limited target group for the signaling >> mechanism overall, collisions seem less likely than with underscore labels >> in general. >> >> The authors are also not sure under which conditions such registries >> should or should not be erected. In short, we don't really have an answer >> to your question, except that less may be more, but it's not clear. >> >> That said, the authors think "why not", and if you wish, we can add a >> section to address this. I imagine this would be something like RFC 8552 >> Section 4.1 [1]. This would add ~2 pages to the draft, unless there's a >> shorter way to do it. >> >> [1]: https://www.rfc-editor.org/rfc/rfc8552#section-4.1 >> >> Thanks, >> Peter and Nils >> > > Thanks for your reply. I have no particular intuition telling me what's > best here. I'm happy to wait and see what other reviews think. > I should add that if no registration of any sort is made then it may be worth a sentence or two saying why nothing is established at this time. But again: I'm happy to wait and see what consensus emerges. ___ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
[DNSOP]Re: Erik Kline's No Objection on draft-ietf-dnsop-dnssec-bootstrapping-08: (with COMMENT)
On Tue, May 7, 2024 at 12:59 AM Peter Thomassen wrote: > Hi Erik, > > Thanks for your review! > > On 5/5/24 00:18, Erik Kline via Datatracker wrote: > > ## Comments > > > > ### S7 > > > > * Should there be some kind of registration or reservation for the > "_dsboot" > >meaning and usage described in this document? > The authors were wondering as well. > > We figured that unlike in case of the existing underscore registry, the > issue seems less pressing: > > The _dsboot etc. labels are under the "main" underscore label right in > front of the nameserver name. As a result, the signaling type label (like > _dsboot) is somewhat "shielded", in the sense that they are only used under > the signaling mechanism, i.e., by DNS operators announcing stuff about > their managed zones. Given the limited target group for the signaling > mechanism overall, collisions seem less likely than with underscore labels > in general. > > The authors are also not sure under which conditions such registries > should or should not be erected. In short, we don't really have an answer > to your question, except that less may be more, but it's not clear. > > That said, the authors think "why not", and if you wish, we can add a > section to address this. I imagine this would be something like RFC 8552 > Section 4.1 [1]. This would add ~2 pages to the draft, unless there's a > shorter way to do it. > > [1]: https://www.rfc-editor.org/rfc/rfc8552#section-4.1 > > Thanks, > Peter and Nils > Thanks for your reply. I have no particular intuition telling me what's best here. I'm happy to wait and see what other reviews think. ___ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
[DNSOP]Re: Erik Kline's No Objection on draft-ietf-dnsop-dnssec-bootstrapping-08: (with COMMENT)
Hi Erik, Thanks for your review! On 5/5/24 00:18, Erik Kline via Datatracker wrote: ## Comments ### S7 * Should there be some kind of registration or reservation for the "_dsboot" meaning and usage described in this document? The authors were wondering as well. We figured that unlike in case of the existing underscore registry, the issue seems less pressing: The _dsboot etc. labels are under the "main" underscore label right in front of the nameserver name. As a result, the signaling type label (like _dsboot) is somewhat "shielded", in the sense that they are only used under the signaling mechanism, i.e., by DNS operators announcing stuff about their managed zones. Given the limited target group for the signaling mechanism overall, collisions seem less likely than with underscore labels in general. The authors are also not sure under which conditions such registries should or should not be erected. In short, we don't really have an answer to your question, except that less may be more, but it's not clear. That said, the authors think "why not", and if you wish, we can add a section to address this. I imagine this would be something like RFC 8552 Section 4.1 [1]. This would add ~2 pages to the draft, unless there's a shorter way to do it. [1]: https://www.rfc-editor.org/rfc/rfc8552#section-4.1 Thanks, Peter and Nils -- https://desec.io/ ___ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org