On 22 July 2017 at 17:40, Woodworth, John R
wrote:
> > From: DNSOP [mailto:dnsop-boun...@ietf.org] On Behalf Of Matthew
> Pounsett
>
> >
>
> > > On 20 July 2017 at 17:53, John R Levine wrote:
>
> > > That's why I don't share the fears about BULK: you cannot easily
>
> > > deploy a new feature th
- Original Message -
> From: "John R Levine"
> To: "Woodworth, John R"
> Cc: "dnsop"
> Sent: Saturday, 22 July, 2017 08:33:30
> Subject: Re: [DNSOP] DNS versioning, was The DNSOP WG has placed
> draft-woodworth-bulk-rr in state "
> From: DNSOP [mailto:dnsop-boun...@ietf.org] On Behalf Of Matthew Pounsett
>
> > On 20 July 2017 at 17:53, John R Levine wrote:
> > That's why I don't share the fears about BULK: you cannot easily
> > deploy a new feature that will require a change in the resolvers,
> > because you don't know all
> -Original Message-
> From: DNSOP [mailto:dnsop-boun...@ietf.org] On Behalf Of John R Levine
>
> On Thu, 20 Jul 2017, Tony Finch wrote:
> > John R Levine wrote:
> >>
> >> BULK absolutely requires online DNSSEC signing,
> >
> > This basically means that BULK is a master-only feature, which
Having said that, just what level of significance would it take
for us to bend in this respect? What type of feature, etc.?
For DNSSEC the issue was the fundamental integrity of the DNS. I
think it's fair to say that this isn't that.
...BULK absolutely requires online DNSSEC signing,
Unfo
> -Original Message-
> From: DNSOP [mailto:dnsop-boun...@ietf.org] On Behalf Of Andrew Sullivan
>
> On Thu, Jul 20, 2017 at 02:34:48PM +0100, Tony Finch wrote:
> > This basically means that BULK is a master-only feature, which implies
> > that there's no need for BULK to work across zone tr
> From: Tony Finch [mailto:d...@dotat.at]
>
Hi Tony,
Thanks for the feedback.
>
> John R Levine wrote:
> >
> > BULK absolutely requires online DNSSEC signing,
>
> This basically means that BULK is a master-only feature, which
> implies that there's no need for BULK to work across zone
> transfe
> -Original Message-
> From: John R Levine [mailto:jo...@taugh.com]
>
Hi John,
Thanks again for your feedback.
>
> On Thu, 20 Jul 2017, Woodworth, John R wrote:
> > Camp#2) Don't break DNS, even for a second
>
> Well, yeah, except that there's no such thing as breaking the
> DNS for a se
On Fri, 21 Jul 2017, Matthew Pounsett wrote:
Dear $VENDOR.
I'm a customer who is considering deploying the BULK RR type into my zone,
and I would like to know whether your systems support it.
Thank you,
$CUSTOMER.
Dear $CUSTOMER,
Thank you for your question. Here at $VENDOR we take pride in
Tim,
On 20 Jul 2017, at 14:09, tjw ietf wrote:
Another Data Point:
One of the Apps Area ADs stopped by to tell the chairs that 1) they
like
the general idea; 2) their employer has a need for this *outside of
the PTR
space*; and 3) would be willing to shepherd the work through. Now,
they
a
On 20 July 2017 at 17:53, John R Levine wrote:
> That's why I don't share the fears about BULK: you cannot easily
>> deploy a new feature that will require a change in the resolvers,
>> because you don't know all the resolvers, and cannot change them even
>> if you know they are too old. But your
That's why I don't share the fears about BULK: you cannot easily
deploy a new feature that will require a change in the resolvers,
because you don't know all the resolvers, and cannot change them even
if you know they are too old. But your secondaries are only a small
set of carefully chosen serve
On Wed, Jul 19, 2017 at 09:57:49PM -,
John Levine wrote
a message of 38 lines which said:
> We did this in a horrible ad-hoc way with DNSSEC, and even with
> DNSSEC there's the fallback that the unsigned answers you get from a
> server that doesn't understand RRSIG et al. are for many purp
On Thu, 20 Jul 2017, Tony Finch wrote:
John R Levine wrote:
BULK absolutely requires online DNSSEC signing,
This basically means that BULK is a master-only feature, which implies
that there's no need for BULK to work across zone transfers, which
implies the need to standardize it for inter
On Thu, Jul 20, 2017 at 02:34:48PM +0100, Tony Finch wrote:
> This basically means that BULK is a master-only feature, which implies
> that there's no need for BULK to work across zone transfers, which implies
> the need to standardize it for interop is almost nonexistent.
I don't think that follo
John R Levine wrote:
>
> BULK absolutely requires online DNSSEC signing,
This basically means that BULK is a master-only feature, which implies
that there's no need for BULK to work across zone transfers, which implies
the need to standardize it for interop is almost nonexistent.
Tony.
--
f.ant
Another Data Point:
One of the Apps Area ADs stopped by to tell the chairs that 1) they like
the general idea; 2) their employer has a need for this *outside of the PTR
space*; and 3) would be willing to shepherd the work through. Now, they
also the first to admit that the Application people do
> On 20 Jul 2017, at 03:12, Woodworth, John R
> wrote:
>
> For now, I think we've narrowed the draft opposition to two camps:
>
> Camp#1) Don't force me to use IPv6 reverse, I simply will never
>
> and
>
> Camp#2) Don't break DNS, even for a second
Well I don't recognise either of these cam
On Thu, 20 Jul 2017, Woodworth, John R wrote:
Camp#2) Don't break DNS, even for a second
Well, yeah, except that there's no such thing as breaking the DNS for a
second. If we look at the history of DNSSEC, we'd break the DNS for
somewhere between a decade and forever. We have tried very har
> -Original Message-
> From: DNSOP [mailto:dnsop-boun...@ietf.org] On Behalf Of John Levine
>
> I realize that my biggest problem with this draft is not that
> I don't think that it's useful -- we have lots of RFCs that
> turned out to be useless but harmless. It's that it breaks the
> DNS
In article you write:
>We are adding something to DNS that's not just a new RRTYPE. It requires
>code changes and has a deployment and long tail. ...
I realize that my biggest problem with this draft is not that I don't
think that it's useful -- we have lots of RFCs that turned out to be
useless
21 matches
Mail list logo
