[DNSOP] I-D Action: draft-ietf-dnsop-domain-verification-techniques-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Domain Name System Operations WG of the IETF. Title : Survey of Domain Verification Techniques using DNS Authors : Shivan Sahib

Re: [DNSOP] New Version Notification for draft-yorgos-dnsop-dry-run-dnssec-01.txt

On Jul 28, 2022, at 15:15, Dave Lawrence wrote: > > I am not in favour of yet another change to DNSSEC bits without a much > larger demonstration of value than what this proposal has. It's not > that I think this one has no value, I just think that the bulk of its > value is achievable via oth

Re: [DNSOP] [Ext] Re: signing parent-side NS (was: Re: Updating RFC 7344 for cross-NS consistency)

On 7/26/22, 3:05 PM, "DNSOP on behalf of Petr Špaček" wrote: >Interesting history lesson, thank you. >Can you elaborate on > > therefore only one can be signed. >please? >What is the reasoning behind it? There were a few iterations in the development of DNSSEC. RFC 4033-4035 are the third

Re: [DNSOP] New Version Notification for draft-yorgos-dnsop-dry-run-dnssec-01.txt

I am not in favour of yet another change to DNSSEC bits without a much larger demonstration of value than what this proposal has. It's not that I think this one has no value, I just think that the bulk of its value is achievable via other mechanisms. While it is true that there could be more user

[DNSOP] Working Group Last Call for aft-ietf-dnsop-dnssec-bcp

All This starts a Working Group Last Call for aft-ietf-dnsop-dnssec-bcp, "DNS Security Extensions (DNSSEC)" Current versions of the draft is available here: https://datatracker.ietf.org/doc/draft-ietf-dnsop-dnssec-bcp/ The Current Intended Status of this document is: Best Current Practice

Re: [DNSOP] I-D Action: draft-ietf-dnsop-dnssec-bcp-02.txt

Hi everyone Referring back to a little earlier in today's agenda, I've just raised a two-word PR #9 which aims to remove a possible misinterpretation of the BCP text by a less experienced reader. The PR says: The current text can be i

Re: [DNSOP] The DNSOP WG has placed draft-rebs-dnsop-svcb-dane in state "Call For Adoption By WG Issued"

I'm in favour of working group adoption for this draft. It provides important clarifications for the interaction of DANE and SVCB. ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] I-D Action: draft-ietf-dnsop-caching-resolution-failures-00.txt

Hi Petr, thank you for the feedback! > On Jul 28, 2022, at 5:06 AM, Petr Špaček wrote: > > Caution: This email originated from outside the organization. Do not click > links or open attachments unless you recognize the sender and know the > content is safe. > On 27. 07. 22 19:42, internet-dr

Re: [DNSOP] New Version Notification for draft-yorgos-dnsop-dry-run-dnssec-01.txt

On 15. 07. 22 14:36, George Thessalonikefs wrote: Hi Libor, Thanks for the time and feedback! If you prefer the dry-run DS to have a static length maybe then you are more interested in the dry-run equivalent algorithm per actual algorithm timeline? It would be interesting to know if your c

Re: [DNSOP] WGLC for draft-ietf-dnsop-avoid-fragmentation

On 26. 07. 22 23:13, Suzanne Woolf wrote: Dear colleagues, This message starts the Working Group Last Call for draft-ietf-dnsop-avoid-fragmentation (https://datatracker.ietf.org/doc/draft-ietf-dnsop-avoid-fragmentation/). The requested status is BCP. Since we're starting the Last Call durin

[DNSOP] Fwd: New Version Notification for draft-ietf-dnsop-rfc5933-bis-09.txt

Dear colleagues, Here is the updated version of the "Use of GOST 2012 Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC" IETF draft. We have a new coauthor, Boris Makarenko, who kindly agreed to continue the development process. -- Forwarded message - From: Da

[DNSOP] I-D Action: draft-ietf-dnsop-rfc5933-bis-09.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Domain Name System Operations WG of the IETF. Title : Use of GOST 2012 Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC Authors

Re: [DNSOP] WGLC for draft-ietf-dnsop-avoid-fragmentation

On Jul 28, 2022, at 12:24, Andrew McConachie wrote: > PMTUD doesn’t work through NAT That's a very definitive statement considering that there's no useful standard for NAT. If there's actual research on this to demonstrate that, pragmatically speaking, no implementations use the payload of a

Re: [DNSOP] WGLC for draft-ietf-dnsop-avoid-fragmentation

Path MTU discovery remains widely undeployed due to security issues, and IP fragmentation has exposed weaknesses in application protocols. PMTUD doesn’t work through NAT and that’s probably the main reason why it doesn’t work on the Internet. I think that’s less of a security issue than

Re: [DNSOP] I-D Action: draft-ietf-dnsop-caching-resolution-failures-00.txt

On 27. 07. 22 19:42, internet-dra...@ietf.org wrote: A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Domain Name System Operations WG of the IETF. Title : Negative Caching of DNS Resolution Failures Auth