[DNSOP] Possible missed messages on this list

2018-02-14 Thread Glen
Possible missed messages on this list Dear list participants - An upgrade to the IETF's custom mail processing software today resulted in some delivery failures for *some* messages to *some* recipients on this list, over the past 3 hours. We invite you to check the mail archives for this list,

Re: [DNSOP] [dnssd] Working Group Last Call - draft-ietf-dnsop-session-signal

2018-02-14 Thread Ted Lemon
On Feb 14, 2018, at 6:06 PM, Jan Komissar (jkomissa) wrote: > Currently, there are only plans for DPN, and that would force every > connection to be TLS. However, if a future protocol “Z-over-DSO” does not > require TLS, it is possible that a client would create a TCP

Re: [DNSOP] [dnssd] Working Group Last Call - draft-ietf-dnsop-session-signal

2018-02-14 Thread Ray Bellis
On 14/02/2018 23:06, Jan Komissar (jkomissa) wrote: > Currently, there are only plans for DPN, and that would force every > connection to be TLS. DPN is the only current _extension_ to DSO. DSO is also supposed to stand in its own right as a way to improve the management of long-lived

Re: [DNSOP] [dnssd] Working Group Last Call - draft-ietf-dnsop-session-signal

2018-02-14 Thread Jan Komissar (jkomissa)
Hi Ted, I’ll try to clarify: Currently, there are only plans for DPN, and that would force every connection to be TLS. However, if a future protocol “Z-over-DSO” does not require TLS, it is possible that a client would create a TCP connection for Z and later would want to send DPN operation

Re: [DNSOP] [dnssd] Working Group Last Call - draft-ietf-dnsop-session-signal

2018-02-14 Thread Ted Lemon
On Feb 14, 2018, at 5:12 PM, Jan Komissar (jkomissa) wrote: > 1: I think that it would be better to require TLS for all DSO connections. > This document (DSO) specifies that it should use TCP or TLS for connections, > but the DNS Push Notification (DPN) draft requires TLS.

Re: [DNSOP] Working Group Last Call - draft-ietf-dnsop-session-signal

2018-02-14 Thread Jan Komissar (jkomissa)
Two items related to this: 1: I think that it would be better to require TLS for all DSO connections. This document (DSO) specifies that it should use TCP or TLS for connections, but the DNS Push Notification (DPN) draft requires TLS. This would complicate matters if a standard TCP connection

Re: [DNSOP] Updated KSK Sentinel document

2018-02-14 Thread 神明達哉
At Mon, 12 Feb 2018 15:28:50 -0500, Warren Kumari wrote: > Anyway, we've finally posted an updated version - > https://datatracker.ietf.org/doc/draft-ietf-dnsop-kskroll-sentinel/ I've read draft-ietf-dnsop-kskroll-sentinel-01 (this is my first careful read of this draft) and