From liman at netnod.se Wed Sep 30 11:14:36 2015 From: liman at netnod.se (Lars-Johan Liman) Date: Wed, 30 Sep 2015 09:14:36 -0000 Subject: Last Call: (DNS Root Name Service Protocol and Deployment Requirements) to Best Current Practice In-Reply-To: (Pearl Liang via's message of "Wed, 4 Jun 2014 03:03:52 +0000") References: <20140520204238.21772.58996.idtracker@ietfa.amsl.com> Message-ID: <22a99tm15q.fsf_-_@limac.netnod.se> [Off-line.] I can't really judge the consequences of leaving it in or ripping it out, but I say we leave it in. Clarity is always good. Dissenting opinions? Cheers, /Liman #---------------------------------------------------------------------- # Lars-Johan Liman, M.Sc. ! E-mail: liman at netnod.se # Senior Systems Specialist ! Tel: +46 8 - 562 860 12 # Netnod Internet Exchange, Stockholm ! http://www.netnod.se/ #---------------------------------------------------------------------- drafts-lastcall at iana.org: > (BEGIN IANA LAST CALL COMMENTS) > IESG/Authors/WG Chairs: > IANA has reviewed draft-iab-2870bis-01, which is currently in Last Call, and has the following comments: > We understand that, upon approval of this document, there are no IANA Actions that need completion. > While it is helpful for the IANA Considerations section of the > document to remain in place upon publication, if the authors prefer to > remove it, IANA doesn't object. > If this assessment is not accurate, please respond as soon as possible. > Thanks, > Pearl Liang > ICANN/IANA > (END IANA LAST CALL COMMENTS) > On Tue May 20 20:43:01 2014, iesg-secretary at ietf.org wrote: >> >> The IESG has received a request from the Internet Architecture Board >> (iab) to consider the following document: >> >> - 'DNS Root Name Service Protocol and Deployment Requirements' >> as Best Current Practice >> >> The IESG plans to make a decision in the next few weeks, and solicits >> final comments on this action. Please send substantive comments to the >> ietf at ietf.org mailing lists by 2014-06-20. Exceptionally, comments may be >> sent to iesg at ietf.org instead. In either case, please retain the >> beginning of the Subject line to allow automated sorting. >> >> Abstract >> >> The DNS Root Name service is a critical part of the Internet >> architecture. The protocol and deployment requirements expected to >> be implemented for the DNS root name service are defined in this >> document. Operational requirements are out of scope. >> >> >> The file can be obtained via >> http://datatracker.ietf.org/doc/draft-iab-2870bis/ >> >> IESG discussion can be tracked via >> http://datatracker.ietf.org/doc/draft-iab-2870bis/ballot/ >> >> >> No IPR declarations have been submitted directly on this I-D. >> >> From terry.manderson at icann.org Wed Sep 30 11:14:37 2015 From: terry.manderson at icann.org (Terry Manderson) Date: Wed, 30 Sep 2015 09:14:37 -0000 Subject: RSSAC001 wrt to 2870Bis In-Reply-To: <2238bt72j8.fsf@limac.netnod.se> References: <2238bt72j8.fsf@limac.netnod.se> Message-ID: Hi Lars, On 15/09/2014 5:42 pm, "Lars-Johan Liman" wrote: >terry.manderson at icann.org: >> Mark and Lars, > >Hi, Terry! > >... and thanks for pushing this forward! > >> As document leaders for RSSAC001, Joe and I are taking this opportunity >>to >> reach out regarding RSSAC001 noting the observed interdependencies >>between >> 2870bis and RSSAC001. > >> We are working toward a timeline for delivering RSSAC001 to the RSSAC, >>and >> while we are still some 8 weeks of that due date review has been >>performed >> by the RSSAC Caucus. We are now soliciting feedback from both of you and >> any other parties involved in the construction of 2870bis. > >> We accept time (your) is precious, so Joe and I also offer review time >>for >> 2870bis and our thanks for reading through RSSAC001. > >I'll let Marc respond, as he's "on top of" the schedule for 2870". If >there's an opportunity to get them back in sync, I think we should take >it. Please let us know!! > >Marc, what's the exact current status of 2870"? I seem to remember there >was an IAB last call, and comments from Paul Hoffman, but that was >before(?) we published the draft version of RSSAC001, no? What happened >then? > >Terry, the last things I see on the caucus list is the solicitation for >outstanding issues (excellent!), and the ensuing thread. Has there been >any changes to the text in RSSAC001 since then? There hasn't been (from what I see) any substantive changes to the text. Admittedly the document was well formed already and really just needs a good editing. Joe and I will come together very soon on that. Please feel free to update the RSSAC with this info. (I am unable to make the exec call today) Cheers Terry -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5056 bytes Desc: not available URL: From drafts-lastcall at iana.org Wed Sep 30 11:19:36 2015 From: drafts-lastcall at iana.org (Pearl Liang via RT) Date: Wed, 30 Sep 2015 09:19:36 -0000 Subject: [IANA #761731] Last Call: (DNS Root Name Service Protocol and Deployment Requirements) to Best Current Practice In-Reply-To: <20140520204238.21772.58996.idtracker@ietfa.amsl.com> References: <20140520204238.21772.58996.idtracker@ietfa.amsl.com> Message-ID: (BEGIN IANA LAST CALL COMMENTS) IESG/Authors/WG Chairs: IANA has reviewed draft-iab-2870bis-01, which is currently in Last Call, and has the following comments: We understand that, upon approval of this document, there are no IANA Actions that need completion. While it is helpful for the IANA Considerations section of the document to remain in place upon publication, if the authors prefer to remove it, IANA doesn't object. If this assessment is not accurate, please respond as soon as possible. Thanks, Pearl Liang ICANN/IANA (END IANA LAST CALL COMMENTS) On Tue May 20 20:43:01 2014, iesg-secretary at ietf.org wrote: > > The IESG has received a request from the Internet Architecture Board > (iab) to consider the following document: > > - 'DNS Root Name Service Protocol and Deployment Requirements' > as Best Current Practice > > The IESG plans to make a decision in the next few weeks, and solicits > final comments on this action. Please send substantive comments to the > ietf at ietf.org mailing lists by 2014-06-20. Exceptionally, comments may be > sent to iesg at ietf.org instead. In either case, please retain the > beginning of the Subject line to allow automated sorting. > > Abstract > > The DNS Root Name service is a critical part of the Internet > architecture. The protocol and deployment requirements expected to > be implemented for the DNS root name service are defined in this > document. Operational requirements are out of scope. > > > The file can be obtained via > http://datatracker.ietf.org/doc/draft-iab-2870bis/ > > IESG discussion can be tracked via > http://datatracker.ietf.org/doc/draft-iab-2870bis/ballot/ > > > No IPR declarations have been submitted directly on this I-D. > > From jabley at hopcount.ca Wed Sep 30 11:19:36 2015 From: jabley at hopcount.ca (Joe Abley) Date: Wed, 30 Sep 2015 09:19:36 -0000 Subject: RSSAC001 wrt to 2870Bis In-Reply-To: <04EEE076-A690-4638-82FD-1D5E632E520D@viagenie.ca> References: <2238bt72j8.fsf@limac.netnod.se> <04EEE076-A690-4638-82FD-1D5E632E520D@viagenie.ca> Message-ID: <90B2B1B9-CAF7-4A52-BFDF-2C2308FBB4A2@hopcount.ca> Hi Marc, This is great, many thanks. Joe On 13 Oct 2014, at 10:37, Marc Blanchet wrote: > Terry, > now that you have issued a one week LC, I think it is the time to tighten the relationship between the two documents (rssac01 and 2870bis). I'm providing here some suggested changes for this, feel free to wordsmit if needed. > > Regards, Marc. > > > > Le 2014-09-24 ? 08:23, Terry Manderson a ?crit : > >> Hi Lars, >> >> On 15/09/2014 5:42 pm, "Lars-Johan Liman" wrote: >> >>> terry.manderson at icann.org: >>>> Mark and Lars, >>> >>> Hi, Terry! >>> >>> ... and thanks for pushing this forward! >>> >>>> As document leaders for RSSAC001, Joe and I are taking this opportunity >>>> to >>>> reach out regarding RSSAC001 noting the observed interdependencies >>>> between >>>> 2870bis and RSSAC001. >>> >>>> We are working toward a timeline for delivering RSSAC001 to the RSSAC, >>>> and >>>> while we are still some 8 weeks of that due date review has been >>>> performed >>>> by the RSSAC Caucus. We are now soliciting feedback from both of you and >>>> any other parties involved in the construction of 2870bis. >>> >>>> We accept time (your) is precious, so Joe and I also offer review time >>>> for >>>> 2870bis and our thanks for reading through RSSAC001. >>> >>> I'll let Marc respond, as he's "on top of" the schedule for 2870". If >>> there's an opportunity to get them back in sync, I think we should take >>> it. >> >> Please let us know!! >> >>> >>> Marc, what's the exact current status of 2870"? I seem to remember there >>> was an IAB last call, and comments from Paul Hoffman, but that was >>> before(?) we published the draft version of RSSAC001, no? What happened >>> then? >>> >>> Terry, the last things I see on the caucus list is the solicitation for >>> outstanding issues (excellent!), and the ensuing thread. Has there been >>> any changes to the text in RSSAC001 since then? >> >> There hasn't been (from what I see) any substantive changes to the text. >> Admittedly the document was well formed already and really just needs a >> good editing. >> >> Joe and I will come together very soon on that. >> >> Please feel free to update the RSSAC with this info. (I am unable to make >> the exec call today) >> >> Cheers >> Terry > From kwiereng at cisco.com Wed Sep 30 11:34:37 2015 From: kwiereng at cisco.com (Klaas Wierenga (kwiereng)) Date: Wed, 30 Sep 2015 09:34:37 -0000 Subject: review of draft-iab-2870bis-01 Message-ID: <0B5213DB-58F9-4947-BB2E-D5EACC0C42FB@cisco.com> Hi, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document specifies he protocol and deployment requirements expected to be implemented for the DNS root name service, operational requirements are taken out of 2870, those are published separately (one hopes, see below). The document is short (thank you! ;-) and clear. I consider it ready with a few issues: === - paragraph 3 (deployment requirements): "The root name service: MUST answer queries from any entity conforming to [RFC1122] with a valid IP address.? I find this a bit confusing. Perhaps showing my ignorance, but should it not be be ?? with a valid IP-address or a referral to an authoritative name server?? - paragraph 4 (security considerations): This is a bit weak imo. At the very least I would expect some discussion about privacy here or in a separate section ?privacy considerations?, queries to the root give good insight into what sites the requester is visiting, mitigated by the fact that most queries will not reach the root due to caching of responses. In any case worth some discussion in the era of pervasive surveillance?. Furthermore, the reference to [RSSAC-001] leads to a list of members of RSSAC, not to a document. A quick search at the RSSAC site also didn?t get me to any document called "Service Expectations of Root Servers?, only to the project that was supposed to deliver it. I think you need to fix that reference. === Hope this helps, Klaas From mmani at yahoo.com Wed Sep 30 11:34:37 2015 From: mmani at yahoo.com (Mahalingam Mani) Date: Wed, 30 Sep 2015 09:34:37 -0000 Subject: Fw: [OPS-DIR] Review of draft-iab-2870bis-01 In-Reply-To: <1403114055.23805.YahooMailNeo@web162401.mail.bf1.yahoo.com> References: <1403114055.23805.YahooMailNeo@web162401.mail.bf1.yahoo.com> Message-ID: <1403115669.94254.YahooMailNeo@web162406.mail.bf1.yahoo.com> On Wednesday, June 18, 2014 10:54 AM, Mahalingam Mani wrote: [I have reviewed this document as part of the Operational directorate's ongoing?effort to review all IETF documents being processed by the IESG.?These comments were written primarily for the benefit of the operational area directors.? Document editors and WG chairs should?treat these comments just like any other last call comments] The purpose of 2870bis itself, as stated up front in the introduction, is to separate operational requirements from protocol and deployment requirements. The operational requirements now reference a document?[RSSAC-001]?outside of this SDO. This document has protocol requirements and some?deployment requirements: I have no OAM-related concerns on the stated deployment requirements. Many of the security considerations in the original RFC2870 are themselves related to operational considerations and they are hopefully (re)captured fully in?[RSSAC-001]. Although security considerations on respective DNS protocols are captured in respective RFCs; operational security considerations are critical to the security of the DNS (and, hence, the internet) infrastructure. Thanks, -mani _______________________________________________ OPS-DIR mailing list OPS-DIR at ietf.org https://www.ietf.org/mailman/listinfo/ops-dir -------------- next part -------------- An HTML attachment was scrubbed... URL: From marc.blanchet at viagenie.ca Wed Sep 30 11:34:37 2015 From: marc.blanchet at viagenie.ca (Marc Blanchet) Date: Wed, 30 Sep 2015 09:34:37 -0000 Subject: RSSAC001 wrt to 2870Bis In-Reply-To: References: <2238bt72j8.fsf@limac.netnod.se> Message-ID: <04EEE076-A690-4638-82FD-1D5E632E520D@viagenie.ca> Terry, now that you have issued a one week LC, I think it is the time to tighten the relationship between the two documents (rssac01 and 2870bis). I'm providing here some suggested changes for this, feel free to wordsmit if needed. Regards, Marc. Le 2014-09-24 ? 08:23, Terry Manderson a ?crit : -------------- next part -------------- A non-text attachment was scrubbed... Name: RSSAC001- Service Expectations of Root Servers-2014-10-09-TJM-mb.doc Type: application/msword Size: 69120 bytes Desc: not available URL: -------------- next part -------------- > Hi Lars, > > On 15/09/2014 5:42 pm, "Lars-Johan Liman" wrote: > >> terry.manderson at icann.org: >>> Mark and Lars, >> >> Hi, Terry! >> >> ... and thanks for pushing this forward! >> >>> As document leaders for RSSAC001, Joe and I are taking this opportunity >>> to >>> reach out regarding RSSAC001 noting the observed interdependencies >>> between >>> 2870bis and RSSAC001. >> >>> We are working toward a timeline for delivering RSSAC001 to the RSSAC, >>> and >>> while we are still some 8 weeks of that due date review has been >>> performed >>> by the RSSAC Caucus. We are now soliciting feedback from both of you and >>> any other parties involved in the construction of 2870bis. >> >>> We accept time (your) is precious, so Joe and I also offer review time >>> for >>> 2870bis and our thanks for reading through RSSAC001. >> >> I'll let Marc respond, as he's "on top of" the schedule for 2870". If >> there's an opportunity to get them back in sync, I think we should take >> it. > > Please let us know!! > >> >> Marc, what's the exact current status of 2870"? I seem to remember there >> was an IAB last call, and comments from Paul Hoffman, but that was >> before(?) we published the draft version of RSSAC001, no? What happened >> then? >> >> Terry, the last things I see on the caucus list is the solicitation for >> outstanding issues (excellent!), and the ensuing thread. Has there been >> any changes to the text in RSSAC001 since then? > > There hasn't been (from what I see) any substantive changes to the text. > Admittedly the document was well formed already and really just needs a > good editing. > > Joe and I will come together very soon on that. > > Please feel free to update the RSSAC with this info. (I am unable to make > the exec call today) > > Cheers > Terry From mmani at yahoo.com Wed Sep 30 11:39:36 2015 From: mmani at yahoo.com (Mahalingam Mani) Date: Wed, 30 Sep 2015 09:39:36 -0000 Subject: Review of draft-iab-2870bis-01 Message-ID: <1403114055.23805.YahooMailNeo@web162401.mail.bf1.yahoo.com> [I have reviewed this document as part of the Operational directorate's ongoing?effort to review all IETF documents being processed by the IESG.?These comments were written primarily for the benefit of the operational area directors.? Document editors and WG chairs should?treat these comments just like any other last call comments] The purpose of 2870bis itself, as stated up front in the introduction, is to separate operational requirements from protocol and deployment requirements. The operational requirements now reference a document?[RSSAC-001]?outside of this SDO. This document has protocol requirements and some?deployment requirements: I have no OAM-related concerns on the stated deployment requirements. Many of the security considerations in the original RFC2870 are themselves related to operational considerations and they are hopefully (re)captured fully in?[RSSAC-001]. Although security considerations on respective DNS protocols are captured in respective RFCs; operational security considerations are critical to the security of the DNS (and, hence, the internet) infrastructure. Thanks, -mani -------------- next part -------------- An HTML attachment was scrubbed... URL: