
Re: last call discussion status on draft-iab-2870bis

2015-03-06 06:27:27
bmanning(_at_)isi(_dot_)edu:
EDNS is essential for the implementation of DNS Security Extensions.
All roots support DNSSEC.
Calling out EDNS0 at this time is moot.

marka(_at_)isc(_dot_)org:
Actually there are implementations that do DNSSEC fine but botch
EDNS.  We have drafts coming through the IETF that expect full EDNS
version 0 compliance to work without having to do gross hacks like
dealing with incorrectly returned FORMERR, BADVERS and queries being
dropped because they happen to try to use an extension.

Man, you must see a lot of bad sh*t in your professional life. :-) I
cannot even wrap my head around the concept of doing DNSSEC fine while
botching EDNS, but I know you well enough to take your word for it. :-)

The current root servers get this right.  This is about preventing
things going wrong in the future.  It is also about TLDs and others
that use the root server requirements as a basis for their
requirements.

I do note that the current draft specifies "MUST do DNSSEC", which to me
sounds like "and therefore needs to do EDNS". I wouldn't really mind
adding EDNS to the draft, except, as noted earlier, it's just a
framework, and specifying which parts of it must be implemented isn't a
friendly slope to slide along. It also begs for other stuff to be
listed, and we (again) risk ending up with legalese like "... including,
but not limited to ..." - which I don't favour.

And there's the text in RSSAC-001.

I think I agree with Jari (if this is what you meant, Jari? ;-), that
the current wording in _these_ documents (draft + RSSAC-001) is
sufficient, and that work should be put into firming up the DNS specs in
general, so that the "rubber wheel" clauses in RSSAC-001 get some "real
tarmac" to work with and get good traction.

So my current inclination wrt. this, is to leave the relevant text parts
unchanged for -03 (which we seem to have to produce ...).

                                Cheers,
                                  /Liman
#----------------------------------------------------------------------
# Lars-Johan Liman, M.Sc.               !  E-mail: liman(_at_)netnod(_dot_)se
# Senior Systems Specialist             !  Tel: +46 8 - 562 860 12
# Netnod Internet Exchange, Stockholm   !  http://www.netnod.se/
#----------------------------------------------------------------------
