] From: Mukund Sivaraman
] This is also a good point. Perhaps just saying that RPZ zone transfers
] are not assumed to be atomic for the whole zone, but only at the
] RR/policy rule level will suffice?
]
] Paul mentioned during the RPZ bar/pub meeting that the purpose of this
] RFC is to document
On Fri, Dec 30, 2016 at 11:45:23AM +, Vernon Schryver wrote:
> Then there is what should happen if a transfer of a policy zone
> happens between the time QNAME rules are checked and the generally
> later time when NSIP and NSDNAME rules are checked. The draft tries
> to pretend that all of the
Hi Vernon
On Fri, Dec 30, 2016 at 11:45:23AM +, Vernon Schryver wrote:
> > From: Mukund Sivaraman
>
> > > In 4.1.1 (IP address encoding in triggers), I suggest adding:
> > >
> > > - The encoded address prefix MUST NOT not have any extra trailing 1s
> > > (longer address prefix than the pre
> From: "A. Schulze"
> > TSIG uses DNS names for encoding the algorithm type.
> I didn't expected that...
Beware that a very popular TSIG implementation is intermittently
confused by upper case algorithm names from a peer despite the fact
that they're encoded like domain names. If you're writin
> From: Mukund Sivaraman
> > In 4.1.1 (IP address encoding in triggers), I suggest adding:
> >
> > - The encoded address prefix MUST NOT not have any extra trailing 1s
> > (longer address prefix than the prefix length) or the rule will be
> > rejected. E.g., the following trigger will be reje
Mukund Sivaraman:
TSIG uses DNS names for encoding the algorithm type.
I didn't expected that...
Thanks!
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
In message <20161230120013.horde.od0o75vhrxz6uxs_-ytk...@andreasschulze.de>,
"A. Schulze" writes:
> Hello,
>
> I'm searching for a reference (IANA?) that define the DNSSEC hash
> algorithm hmac-sha256
> has assigned the number 159
> ( see http://git.nlnetlabs.nl/ldns/tree/ldns/keys.h#86 )
>
>
On Fri, Dec 30, 2016 at 12:00:13PM +0100, A. Schulze wrote:
> Hello,
>
> I'm searching for a reference (IANA?) that define the DNSSEC hash algorithm
> hmac-sha256
> has assigned the number 159
> ( see http://git.nlnetlabs.nl/ldns/tree/ldns/keys.h#86 )
>
> I only found
> https://www.iana.org/assi
Hello,
I'm searching for a reference (IANA?) that define the DNSSEC hash
algorithm hmac-sha256
has assigned the number 159
( see http://git.nlnetlabs.nl/ldns/tree/ldns/keys.h#86 )
I only found
https://www.iana.org/assignments/tsig-algorithm-names/tsig-algorithm-names.xhtml
defining the /na
Hi Vernon
A couple of items:
1. I sent the following text to Paul, but it has missed making this
revision of the draft. Please add it into the next revision.
> In 4.1.1 (IP address encoding in triggers), I suggest adding:
>
> - The encoded address prefix MUST NOT not have any extra trailing 1s
>
10 matches
Mail list logo
