Re: [DNSOP] Dnsdir last call review of draft-ietf-dnsop-caching-resolution-failures-03

2023-06-29 Thread Wessels, Duane
Hi Peter, Thank you for the detailed review. Responses from the authors are inline below. > On Jun 26, 2023, at 7:47 AM, Peter van Dijk via Datatracker > wrote: > > Reviewer: Peter van Dijk > Review result: Almost Ready > > I have been selected as the DNS Directorate reviewer for this

[DNSOP] Dnsdir early review of draft-ietf-dnsop-structured-dns-error-03

2023-06-29 Thread Matt Brown via Datatracker
Reviewer: Matt Brown Review result: Almost Ready I believe this draft has ambiguities that will present issues for implementing clients that require further discussion and clarification before proceeding. **Issue 1** RFC8914 is clear (section 2) regarding EXTRA-TEXT that “This information is

Re: [DNSOP] draft-dulaunoy-dnsop-passive-dns-cof

2023-06-29 Thread Robert Edmonds
Tim Wicinski wrote: > All > > Draft-dulaunoy-dnsop-passive-dns-cof was originally submitted back in 2014, > and > has had 10 revisions since then. > > https://datatracker.ietf.org/doc/draft-dulaunoy-dnsop-passive-dns-cof/ > > Note that the format is now fixed, and there are several

Re: [DNSOP] Next steps: draft-ietf-core-dns-over-coap

2023-06-29 Thread Ben Schwartz
On 6/28/23, 10:24 AM, "Martine Sophie Lenders" wrote: Hi Ben, On 23.06.23 22:23, Ben Schwartz wrote: > I think it would be helpful if this document were more explicit about > its motivation. In my view, the underlying motivation for this draft is > to enable seamless management of DNS service

Re: [DNSOP] draft-dulaunoy-dnsop-passive-dns-cof

2023-06-29 Thread John R Levine
On Thu, 29 Jun 2023, Ben Schwartz wrote: If you're running 8.8.8.8 your logs have a whole lot of PII, but if you're running resolvers in front of industrial networks and using PDNS to look for malfunctioning or compromised IoT boxes, there's no PII at all. Yes, but since the format doesn’t

Re: [DNSOP] draft-dulaunoy-dnsop-passive-dns-cof

2023-06-29 Thread John R Levine
If the IETF says “deidentified DNS logs are basically anonymous” vs. “deidentified DNS logs are basically PII”, I believe that makes a big difference in the world. Expert practitioners might already understand the nuance here, but our audience is broader than that. But neither is

Re: [DNSOP] draft-dulaunoy-dnsop-passive-dns-cof

2023-06-29 Thread Ben Schwartz
On 6/29/23, 1:11 PM, "John R Levine" wrote: If you're running 8.8.8.8 your logs have a whole lot of PII, but if you're running resolvers in front of industrial networks and using PDNS to look for malfunctioning or compromised IoT boxes, there's no PII at all. Yes, but since the format doesn’t

Re: [DNSOP] draft-dulaunoy-dnsop-passive-dns-cof

2023-06-29 Thread John R Levine
When the IETF documents something, that is unavoidably an endorsement. We should be cautious about what we endorse. To some degree, but when we imagine that not documenting something that already exists will make people stop doing it, we just confirm the impression that we and our standards

Re: [DNSOP] draft-dulaunoy-dnsop-passive-dns-cof

2023-06-29 Thread Ben Schwartz
On 6/28/23, 12:49 PM, "John Levine" wrote: !---| This Message Is From an External Sender |---! It appears that Ben Schwartz said: >-=-=-=-=-=- >As noted in RFC