Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

On Fri, Nov 25, 2016 at 07:50:48PM -0500, tjw ietf wrote a message of 114 lines which said: > This starts a Working Group Last Call for > draft-ietf-dnsop-refuse-any Since we'll apparently have one more iteration of the draft, one small detail. The draft says: > The

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

Sorry for the delayed response. I've been unusually busy for these several weeks... At Sat, 3 Dec 2016 12:44:47 -0500, Olafur Gudmundsson wrote: > > I've read the 03 version of the document. I do *not* think this is > > ready for publication since I still believe we should not

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

On 08-12-16 00:04, Stephane Bortzmeyer wrote: > On Tue, Nov 29, 2016 at 09:10:02AM +0100, > Matthijs Mekking wrote > a message of 196 lines which said: > >>> This is operational choice, if we call that out do we also call >>> out that answer may depend on address, TSIG

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

The draft seems almost ready to go to the IETF. However, there are still a few areas that need work. As others have discussed, the filename really has to change. Like it or not, RFCs get associated with the last draft name that produced it, and "refuse-any" is just wrong for this document.

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

Stephane Bortzmeyer wrote: > > Why not also when cookies are used? Like TCP, they protect against > reflection attacks. My reason for deploying minimal-any was not for direct reflection attacks, because RRL already deals with direct reflection attacks. I wanted to avoid

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

On Tue, Nov 29, 2016 at 09:10:02AM +0100, Matthijs Mekking wrote a message of 196 lines which said: > > This is operational choice, if we call that out do we also call > > out that answer may depend on address, TSIG etc ? > > No, just TCP :) Why not also when cookies

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

- Original Message - > From: "神明達哉" <jin...@wide.ad.jp> > To: "tjw ietf" <tjw.i...@gmail.com> > Cc: "dnsop" <dnsop@ietf.org> > Sent: Friday, 2 December, 2016 20:55:15 > Subject: Re: [DNSOP] Working Group Last Call draft-ietf

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

>So what other RFC1034/5 defined type are you willing to throw under the bus? Here's a few, all well defined and very dead, with what's in the rrdata: MD (3) hostname MF (4) hostname MB (7) hostname that's interpreted as a mailbox MG (8) hostname that's interpreted as a mailbox MR (9) hostname

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

> On Dec 2, 2016, at 2:55 PM, 神明達哉 wrote: > > At Fri, 25 Nov 2016 19:50:48 -0500, > tjw ietf wrote: > >> Please review the draft and offer relevant comments. Also, if someone feels >> the document is *not* ready for publication, please speak out with

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

- Kevin -Original Message- From: DNSOP [mailto:dnsop-boun...@ietf.org] On Behalf Of Sent: Friday, December 02, 2016 2:55 PM To: tjw ietf Cc: dnsop Subject: Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any At Fri, 25 Nov 2016 19:50:48 -0500, tjw ietf <tjw.i...@gmail.com&g

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

>ready for publication since I still believe we should not abuse HINFO >for this purpose ... I have to agree. I have DNS servers that send actual useful HINFO records. If you're going to abuse an existing rrtype, an obvious candidate is NULL (type 10) which has been experimental for 30 years

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

At Fri, 25 Nov 2016 19:50:48 -0500, tjw ietf wrote: > Please review the draft and offer relevant comments. Also, if someone feels > the document is *not* ready for publication, please speak out with your > reasons. > > *Also*, if you have any opinion on changing the document

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

On 28 Nov 2016, at 20:00, Edward Lewis wrote: > Please don't use the word random, not even in quotes, in this context. +1 A good word might be "arbitrary" (NL: willekeurig). Niall signature.asc Description: OpenPGP digital signature ___ DNSOP

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

On 28-11-16 16:43, Olafur Gudmundsson wrote: > >> On Nov 28, 2016, at 5:25 AM, Matthijs Mekking > > wrote: >> >> Hi, >> >> I have read the draft and have two comments. Both of these have been >> called out before, but I don't see them

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

On 28-11-16 16:50, Tony Finch wrote: > Olafur Gudmundsson wrote: > >> There have been some discussion on this topic, It is fair to say that >> there are 3 camps >> >> a) answer with the smallest RRSET >> b) pick one at “random" >> c) select bases on what is most useful (i.e.

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

On 11/28/16, 10:43, "DNSOP on behalf of Olafur Gudmundsson" wrote: b) pick one at “random" Please don't use the word random, not even in quotes, in this context. I suspect that somewhere along the line that a code writer will interpret that

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

On 28 Nov 2016, at 7:50, Tony Finch wrote: > Olafur Gudmundsson wrote: > >> There have been some discussion on this topic, It is fair to say that >> there are 3 camps >> >> a) answer with the smallest RRSET >> b) pick one at “random" >> c) select bases on what is most useful (i.e.

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

Olafur Gudmundsson wrote: > There have been some discussion on this topic, It is fair to say that > there are 3 camps > > a) answer with the smallest RRSET > b) pick one at “random" > c) select bases on what is most useful (i.e. deterministic selection) > > I would be happiest to

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

> On Nov 28, 2016, at 5:25 AM, Matthijs Mekking wrote: > > Hi, > > I have read the draft and have two comments. Both of these have been called > out before, but I don't see them addressed in this version (-03): > > 1. In case of a DNS responder selecting one or a

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

Are we still creating standards based on "BIND does this"? :p On 28-11-16 13:57, Tony Finch wrote: Matthijs Mekking wrote: 1. In case of a DNS responder selecting one or a subset of the RRsets at the QNAME, The draft does not give clear guidance on which RRset(s) to

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

Matthijs Mekking wrote: > > 1. In case of a DNS responder selecting one or a subset of the RRsets at the > QNAME, The draft does not give clear guidance on which RRset(s) to pick. The code in BIND just picks an arbitrary RRset, without making any effort to be clever. It

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

Hi, I have read the draft and have two comments. Both of these have been called out before, but I don't see them addressed in this version (-03): 1. In case of a DNS responder selecting one or a subset of the RRsets at the QNAME, The draft does not give clear guidance on which RRset(s) to

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

" <tjw.i...@gmail.com> > To: "dnsop" <dnsop@ietf.org> > Sent: Saturday, 26 November, 2016 01:50:48 > Subject: [DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any > All > > The authors have addressed all the outstanding issues with this draft,

[DNSOP] Working Group Last Call draft-ietf-dnsop-refuse-any

All The authors have addressed all the outstanding issues with this draft, and the chairs feel this is ready for Working Group Last Call. There has been one issue raised which we feel the working group may have some opinion on this. Ondrej Sury raised this point: There's a small procedural