From owner-namedroppers@ops.ietf.org Sun Mar 1 05:41:59 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C437E3A6A25; Sun, 1 Mar 2009 05:41:59 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.135 X-Spam-Level: X-Spam-Status: No, score=-0.135 tagged_above=-999 required=5 tests=[AWL=0.302, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pleOiMJbhESQ; Sun, 1 Mar 2009 05:41:58 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id A42713A6842; Sun, 1 Mar 2009 05:41:58 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Ldlmf-000GU0-DV for namedroppers-data0@psg.com; Sun, 01 Mar 2009 13:32:45 +0000 Received: from [217.155.92.109] (helo=mail.links.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LdlmY-000GSy-IW for namedroppers@ops.ietf.org; Sun, 01 Mar 2009 13:32:43 +0000 Received: from [193.133.15.218] (localhost [127.0.0.1]) by mail.links.org (Postfix) with ESMTP id 1C2FD33C1A; Sun, 1 Mar 2009 13:32:36 +0000 (GMT) Message-ID: <49AA8E78.9060209@links.org> Date: Sun, 01 Mar 2009 13:32:40 +0000 From: Ben Laurie User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070326 Thunderbird/2.0.0.0 Mnenhy/0.7.4.0 MIME-Version: 1.0 To: Paul Vixie CC: dnssec-deployment@shinkuro.com, namedroppers@ops.ietf.org Subject: Re: [dnssec-deployment] [dnsext] Sidestepping the root References: <49A035D0.5090303@links.org> <17143.1235258508@nsa.vix.com> In-Reply-To: <17143.1235258508@nsa.vix.com> X-Enigmail-Version: 0.95.7 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Paul Vixie wrote: > On 21.02.2009, at 18:11, Ben Laurie wrote: >> So here's an idea: why don't the TLDs who have deployed or are willing to >> deploy DNSSEC get together and each run a DLV zone for all the others? > > candidly, it's because of the trust problem. ISC operates a DLV registry > and it has a few TLDs in it (more now that we've imported IANA's ITAR) but > the TLD operators are terribly concerned about kingmaking and not even ISC > is trustworthy enough to make that concern go away. truthfully: *noone* is. Who would be king in the system I describe? > i understood this better after the man from .RU shook his fist at the room > down in atlanta, apparently the idea of russia depending on the united > states (which is how the world sees ICANN) to authenticate their own names > to their own users flies in the face of national sovereignty. In the system I describe, .ru would authenticate their own names to their own users. -- http://www.apache-ssl.org/ben.html http://www.links.org/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Sun Mar 1 09:05:19 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 48AC83A6A47; Sun, 1 Mar 2009 09:05:19 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hwFgsDHJjN5t; Sun, 1 Mar 2009 09:05:18 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 379A53A6829; Sun, 1 Mar 2009 09:05:18 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Ldp0n-0001xl-77 for namedroppers-data0@psg.com; Sun, 01 Mar 2009 16:59:33 +0000 Received: from [2001:4f8:3:bb:230:48ff:fe5a:2f38] (helo=nsa.vix.com) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Ldp0j-0001xU-MA for namedroppers@ops.ietf.org; Sun, 01 Mar 2009 16:59:31 +0000 Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id 00EAEA1018; Sun, 1 Mar 2009 16:59:29 +0000 (UTC) (envelope-from vixie@nsa.vix.com) From: Paul Vixie To: Ben Laurie cc: "DNSSEC deployment" , namedroppers@ops.ietf.org Subject: Re: [dnssec-deployment] [dnsext] Sidestepping the root In-Reply-To: Your message of "Sun, 01 Mar 2009 13:32:40 GMT." References: <49A035D0.5090303@links.org> <17143.1235258508@nsa.vix.com> X-Mailer: MH-E 8.1; nil; GNU Emacs 22.2.1 Date: Sun, 01 Mar 2009 16:59:28 +0000 Message-ID: <24914.1235926768@nsa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > > On 21.02.2009, at 18:11, Ben Laurie wrote: > >> So here's an idea: why don't the TLDs who have deployed or are willing > >> to deploy DNSSEC get together and each run a DLV zone for all the > >> others? > Paul Vixie wrote: > > candidly, it's because of the trust problem. ISC operates a DLV > > registry and it has a few TLDs in it (more now that we've imported > > IANA's ITAR) but the TLD operators are terribly concerned about > > kingmaking and not even ISC is trustworthy enough to make that concern > > go away. truthfully: *noone* is. > > Who would be king in the system I describe? the system you describe is kingless. > > i understood this better after the man from .RU shook his fist at the > > room down in atlanta, apparently the idea of russia depending on the > > united states (which is how the world sees ICANN) to authenticate their > > own names to their own users flies in the face of national sovereignty. > > In the system I describe, .ru would authenticate their own names to > their own users. it has some interesting properties. perhaps you can find a CCTLD who is willing to deploy it, thus setting an example for other CCTLD's. (the first step would appear to be some kind of technote describing your proposal.) two notes. first, roy arends also made a kingless proposal a few years back but chose for whatever reason not to push forward with it. you might ask him "hey roy, what ever happened to your kingless DLV idea?" second, your proposal as briefly summarized in this thread begs a question which is "if we're going to authenticate other CCTLD keys through the local CCTLD, then why aren't we also choosing other CCTLD nameservers through the local CCTLD?" that is, why shouldn't national sovereignty extend beyond just DNSSEC to include DNS itself? this boils down to "why wouldn't each CCTLD just run their own root zone and each country mandate its use by law in its own territory?" i don't like these arguments and i'll be hitting my "delete" key a lot when it starts, but that's where i think your proposal will lead. (and this is probably the reason i didn't propose it originally when we were putting together the somewhat-kingful ISC DLV system.) i note with no shortage of irritation that after almost 14 years we still do not have dnssec deployed, or deployable, and that the new arguments are all about kinglessness. i think this means: "we suck." -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Sun Mar 1 09:20:20 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E767D3A69C1; Sun, 1 Mar 2009 09:20:20 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.196 X-Spam-Level: X-Spam-Status: No, score=-0.196 tagged_above=-999 required=5 tests=[AWL=0.241, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Zq9ikLbEik-B; Sun, 1 Mar 2009 09:20:19 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id AF6DB3A6B15; Sun, 1 Mar 2009 09:20:19 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LdpH4-0002xu-Ot for namedroppers-data0@psg.com; Sun, 01 Mar 2009 17:16:22 +0000 Received: from [217.155.92.109] (helo=mail.links.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LdpH0-0002xP-IV for namedroppers@ops.ietf.org; Sun, 01 Mar 2009 17:16:20 +0000 Received: from [193.133.15.218] (localhost [127.0.0.1]) by mail.links.org (Postfix) with ESMTP id E485433C1D; Sun, 1 Mar 2009 17:16:16 +0000 (GMT) Message-ID: <49AAC2E5.6030408@links.org> Date: Sun, 01 Mar 2009 17:16:21 +0000 From: Ben Laurie User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070326 Thunderbird/2.0.0.0 Mnenhy/0.7.4.0 MIME-Version: 1.0 To: Paul Vixie CC: DNSSEC deployment , namedroppers@ops.ietf.org Subject: Re: [dnssec-deployment] [dnsext] Sidestepping the root References: <49A035D0.5090303@links.org> <17143.1235258508@nsa.vix.com> <24914.1235926768@nsa.vix.com> In-Reply-To: <24914.1235926768@nsa.vix.com> X-Enigmail-Version: 0.95.7 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Paul Vixie wrote: >>> On 21.02.2009, at 18:11, Ben Laurie wrote: >>>> So here's an idea: why don't the TLDs who have deployed or are willing >>>> to deploy DNSSEC get together and each run a DLV zone for all the >>>> others? > >> Paul Vixie wrote: >>> candidly, it's because of the trust problem. ISC operates a DLV >>> registry and it has a few TLDs in it (more now that we've imported >>> IANA's ITAR) but the TLD operators are terribly concerned about >>> kingmaking and not even ISC is trustworthy enough to make that concern >>> go away. truthfully: *noone* is. >> Who would be king in the system I describe? > > the system you describe is kingless. > >>> i understood this better after the man from .RU shook his fist at the >>> room down in atlanta, apparently the idea of russia depending on the >>> united states (which is how the world sees ICANN) to authenticate their >>> own names to their own users flies in the face of national sovereignty. >> In the system I describe, .ru would authenticate their own names to >> their own users. > > it has some interesting properties. perhaps you can find a CCTLD who is > willing to deploy it, thus setting an example for other CCTLD's. (the > first step would appear to be some kind of technote describing your > proposal.) > > two notes. first, roy arends also made a kingless proposal a few years > back but chose for whatever reason not to push forward with it. you might > ask him "hey roy, what ever happened to your kingless DLV idea?" > > second, your proposal as briefly summarized in this thread begs a question > which is "if we're going to authenticate other CCTLD keys through the local > CCTLD, then why aren't we also choosing other CCTLD nameservers through the > local CCTLD?" that is, why shouldn't national sovereignty extend beyond > just DNSSEC to include DNS itself? this boils down to "why wouldn't each > CCTLD just run their own root zone and each country mandate its use by law > in its own territory?" i don't like these arguments and i'll be hitting my > "delete" key a lot when it starts, but that's where i think your proposal > will lead. (and this is probably the reason i didn't propose it originally > when we were putting together the somewhat-kingful ISC DLV system.) I don't see this as a sovereignty issue so much as a trust issue: as a citizen of .uk it is easier for me to trust Nominet than, say, whoever runs .cn. Nor do I think it should be restricted to ccTLDs, nor even TLDs, necessarily. But in any case, you are right: if TLDs are authoritative for keys, they might as well be authoritative for nameservers. And what would be wrong with that? > i note with no shortage of irritation that after almost 14 years we still do > not have dnssec deployed, or deployable, and that the new arguments are all > about kinglessness. i think this means: "we suck." In what sense is it not deployable? Working fine for me... Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.links.org/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Sun Mar 1 09:34:29 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9DB9928C148; Sun, 1 Mar 2009 09:34:29 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tGbYcx5W7D64; Sun, 1 Mar 2009 09:34:29 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id C484428C140; Sun, 1 Mar 2009 09:34:28 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LdpUb-000412-9q for namedroppers-data0@psg.com; Sun, 01 Mar 2009 17:30:21 +0000 Received: from [2001:4f8:3:bb:230:48ff:fe5a:2f38] (helo=nsa.vix.com) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LdpUY-00040m-LX for namedroppers@ops.ietf.org; Sun, 01 Mar 2009 17:30:19 +0000 Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id 4C734A1037; Sun, 1 Mar 2009 17:30:18 +0000 (UTC) (envelope-from vixie@nsa.vix.com) From: Paul Vixie To: Ben Laurie cc: "DNSSEC deployment" , namedroppers@ops.ietf.org Subject: Re: [dnssec-deployment] [dnsext] Sidestepping the root In-Reply-To: Your message of "Sun, 01 Mar 2009 17:16:21 GMT." References: <49A035D0.5090303@links.org> <17143.1235258508@nsa.vix.com> <24914.1235926768@nsa.vix.com> X-Mailer: MH-E 8.1; nil; GNU Emacs 22.2.1 Date: Sun, 01 Mar 2009 17:30:18 +0000 Message-ID: <26348.1235928618@nsa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > But in any case, you are right: if TLDs are authoritative for keys, they > might as well be authoritative for nameservers. And what would be wrong > with that? it's inevitable that some countries will do this. it'll lead to chaos in the namespace just like any other multiple-rootzone plan. what would be wrong? as bruce campbell said in _army_of_darkness_: "good? bad? i'm the one with the gun." > In what sense is it not deployable? Working fine for me... it's not universally deployable. "what wizards can do" is not a good test. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Sun Mar 1 09:36:56 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 127403A696D; Sun, 1 Mar 2009 09:36:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.236 X-Spam-Level: X-Spam-Status: No, score=-0.236 tagged_above=-999 required=5 tests=[AWL=0.201, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TmplYaVsGozJ; Sun, 1 Mar 2009 09:36:54 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id BEAD63A67DF; Sun, 1 Mar 2009 09:36:54 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LdpY7-0004Gg-4b for namedroppers-data0@psg.com; Sun, 01 Mar 2009 17:33:59 +0000 Received: from [217.155.92.109] (helo=mail.links.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LdpY1-0004GC-RT for namedroppers@ops.ietf.org; Sun, 01 Mar 2009 17:33:57 +0000 Received: from [193.133.15.218] (localhost [127.0.0.1]) by mail.links.org (Postfix) with ESMTP id B8FC033C1C; Sun, 1 Mar 2009 17:33:51 +0000 (GMT) Message-ID: <49AAC704.8020906@links.org> Date: Sun, 01 Mar 2009 17:33:56 +0000 From: Ben Laurie User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070326 Thunderbird/2.0.0.0 Mnenhy/0.7.4.0 MIME-Version: 1.0 To: Paul Vixie CC: DNSSEC deployment , namedroppers@ops.ietf.org Subject: Re: [dnssec-deployment] [dnsext] Sidestepping the root References: <49A035D0.5090303@links.org> <17143.1235258508@nsa.vix.com> <24914.1235926768@nsa.vix.com> <26348.1235928618@nsa.vix.com> In-Reply-To: <26348.1235928618@nsa.vix.com> X-Enigmail-Version: 0.95.7 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Paul Vixie wrote: >> But in any case, you are right: if TLDs are authoritative for keys, they >> might as well be authoritative for nameservers. And what would be wrong >> with that? > > it's inevitable that some countries will do this. it'll lead to chaos in > the namespace just like any other multiple-rootzone plan. what would be > wrong? as bruce campbell said in _army_of_darkness_: "good? bad? i'm the > one with the gun." > >> In what sense is it not deployable? Working fine for me... > > it's not universally deployable. "what wizards can do" is not a good test. All you have to do is pick up my makefile and config and type "make" :-) -- http://www.apache-ssl.org/ben.html http://www.links.org/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Mar 2 06:39:40 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1E71C3A682D; Mon, 2 Mar 2009 06:39:40 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 1.801 X-Spam-Level: * X-Spam-Status: No, score=1.801 tagged_above=-999 required=5 tests=[AWL=-1.826, BAYES_50=0.001, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HELO_MISMATCH_COM=0.553, J_CHICKENPOX_23=0.6, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fvkS4fz2Ssnp; Mon, 2 Mar 2009 06:39:39 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id B289C3A69E9; Mon, 2 Mar 2009 06:39:38 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Le9Ac-000LqV-5p for namedroppers-data0@psg.com; Mon, 02 Mar 2009 14:31:02 +0000 Received: from [209.85.220.164] (helo=mail-fx0-f164.google.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Le9AS-000Lpf-Bg for namedroppers@ops.ietf.org; Mon, 02 Mar 2009 14:31:01 +0000 Received: by fxm8 with SMTP id 8so2068590fxm.41 for ; Mon, 02 Mar 2009 06:30:50 -0800 (PST) MIME-Version: 1.0 Received: by 10.223.107.68 with SMTP id a4mr5995772fap.44.1236004249725; Mon, 02 Mar 2009 06:30:49 -0800 (PST) Date: Mon, 2 Mar 2009 15:30:49 +0100 Message-ID: Subject: [dnsext] Timeslot at IETF74? From: =?UTF-8?B?T25kxZllaiBTdXLDvQ==?= To: DNSEXT WG Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Hi, I'm planning my trip to SF and I have noticed that dnsext doesn't have timeslot in Agenda. Does anybody know when the dnsext session is going to be? Ondrej. -- Ondrej Sury technicky reditel/Chief Technical Officer ----------------------------------------- CZ.NIC, z.s.p.o. -- .cz domain registry Americka 23,120 00 Praha 2,Czech Republic mailto:ondrej.sury@nic.cz http://nic.cz/ sip:ondrej.sury@nic.cz tel:+420.222745110 mob:+420.739013699 fax:+420.222745112 ----------------------------------------- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Mar 2 07:34:36 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5B7563A69AC; Mon, 2 Mar 2009 07:34:36 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.128 X-Spam-Level: X-Spam-Status: No, score=0.128 tagged_above=-999 required=5 tests=[AWL=-1.674, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, J_CHICKENPOX_23=0.6, MIME_8BIT_HEADER=0.3, MIME_QP_LONG_LINE=1.396, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HjfX3Uf70ToB; Mon, 2 Mar 2009 07:34:35 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id DE3943A67A4; Mon, 2 Mar 2009 07:34:34 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeA4y-0001AU-5b for namedroppers-data0@psg.com; Mon, 02 Mar 2009 15:29:16 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeA4t-0001A2-Ue for namedroppers@ops.ietf.org; Mon, 02 Mar 2009 15:29:14 +0000 Received: from Puki.ogud.com (nyttbox.md.ogud.com [10.20.30.4]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n22FT62a069645; Mon, 2 Mar 2009 10:29:06 -0500 (EST) (envelope-from ogud@ogud.com) Message-Id: <200903021529.n22FT62a069645@stora.ogud.com> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Mon, 02 Mar 2009 10:28:46 -0500 To: =?iso-8859-1?Q?Ond=C5=99ej?= =?iso-8859-1?Q?_Sur=C3=BD?= , DNSEXT WG From: =?iso-8859-1?Q?=D3lafur?= =?iso-8859-1?Q?_Gu=F0mundsson?= /DNSEXT chair Subject: Re: [dnsext] Timeslot at IETF74? In-Reply-To: References: Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="=====================_174180768==.ALT" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --=====================_174180768==.ALT Content-Type: text/plain; charset="iso-8859-1"; format=flowed Content-Transfer-Encoding: quoted-printable At 09:30 02/03/2009, Ond=C5=99ej Sur=C3=BD wrote: >Hi, > >I'm planning my trip to SF and I have noticed that dnsext doesn't >have timeslot in Agenda. Does anybody know when the dnsext >session is going to be? No meeting, Andrew and I announce this in December: http://psg.com/lists/namedroppers/namedroppers.2008/msg02413.html No request was received for agenda slots. Olafur >Ondrej. >-- > Ondrej Sury > technicky reditel/Chief Technical Officer > ----------------------------------------- > CZ.NIC, z.s.p.o. -- .cz domain registry > Americka 23,120 00 Praha 2,Czech Republic > mailto:ondrej.sury@nic.cz http://nic.cz/ > sip:ondrej.sury@nic.cz tel:+420.222745110 > mob:+420.739013699 fax:+420.222745112 > ----------------------------------------- > >-- >to unsubscribe send a message to namedroppers-request@ops.ietf.org with >the word 'unsubscribe' in a single line as the message text body. >archive: --=====================_174180768==.ALT Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable At 09:30 02/03/2009, Ond=C5=99ej Sur=C3=BD wrote:
Hi,

I'm planning my trip to SF and I have noticed that dnsext doesn't
have timeslot in Agenda. Does anybody know when the dnsext
session is going to be?


No meeting, Andrew and I announce this in December:
http://psg.com/lists/namedroppers/namedroppers.2008/msg02413.html

No request was received for agenda slots.

        Olafur



Ondrej.
--
 Ondrej Sury
 technicky reditel/Chief Technical Officer
 -----------------------------------------
 CZ.NIC, z.s.p.o.  --  .cz domain registry
 Americka 23,120 00 Praha 2,Czech Republic
  mailto:ondrej.sury@nic.cz http://nic.cz/
 sip:ondrej.sury@nic.cz tel:+420.222745110
 mob:+420.739013699     fax:+420.222745112
 -----------------------------------------

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: < http://ops.ietf.org/lists/namedroppers/>
--=====================_174180768==.ALT-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Mar 2 07:48:40 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4489728C213; Mon, 2 Mar 2009 07:48:40 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.1 X-Spam-Level: X-Spam-Status: No, score=-1.1 tagged_above=-999 required=5 tests=[AWL=-1.500, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_INFO=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 68NEITaBg+MO; Mon, 2 Mar 2009 07:48:39 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 3D45A3A6887; Mon, 2 Mar 2009 07:48:22 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeAJC-000285-8X for namedroppers-data0@psg.com; Mon, 02 Mar 2009 15:43:58 +0000 Received: from [208.86.224.201] (helo=mail.yitter.info) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeAJ9-00027l-9n for namedroppers@ops.ietf.org; Mon, 02 Mar 2009 15:43:57 +0000 Received: from crankycanuck.ca (69-196-144-230.dsl.teksavvy.com [69.196.144.230]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.yitter.info (Postfix) with ESMTPSA id 76C972FEA3F8 for ; Mon, 2 Mar 2009 15:43:53 +0000 (UTC) Date: Mon, 2 Mar 2009 10:43:51 -0500 From: Andrew Sullivan To: namedroppers@ops.ietf.org Subject: Re: [dnsext] Timeslot at IETF74? Message-ID: <20090302154345.GA1700@shinkuro.com> References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.5.18 (2008-05-17) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Mon, Mar 02, 2009 at 03:30:49PM +0100, Ondřej Surý wrote: > Hi, > > I'm planning my trip to SF and I have noticed that dnsext doesn't > have timeslot in Agenda. Does anybody know when the dnsext > session is going to be? There isn't going to be one, which is why you don't see the timeslot. We asked many weeks ago whether anyone had possible agenda items for a meeting; if not, we would have no meeting. We didn't get responses with items that needed discussion, so we didn't schedule a session. (This is in keeping with the WG's charter that we're sleeping.) Best, Andrew (for the Chairs) -- Andrew Sullivan ajs@shinkuro.com Shinkuro, Inc. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Mar 2 09:07:35 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4162D3A6B23; Mon, 2 Mar 2009 09:07:35 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.246 X-Spam-Level: X-Spam-Status: No, score=-102.246 tagged_above=-999 required=5 tests=[AWL=0.354, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G45ZlWd+QmFT; Mon, 2 Mar 2009 09:07:34 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 765B63A6933; Mon, 2 Mar 2009 09:07:34 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeBVI-0007bB-Dk for namedroppers-data0@psg.com; Mon, 02 Mar 2009 17:00:32 +0000 Received: from [2001:1890:1112:1::20] (helo=mail.ietf.org) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeBVF-0007ac-Dc for namedroppers@ops.ietf.org; Mon, 02 Mar 2009 17:00:31 +0000 Received: by core3.amsl.com (Postfix, from userid 0) id A9ACC3A6A71; Mon, 2 Mar 2009 09:00:01 -0800 (PST) From: Internet-Drafts@ietf.org To: i-d-announce@ietf.org Cc: namedroppers@ops.ietf.org Subject: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-02.txt Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 Message-Id: <20090302170001.A9ACC3A6A71@core3.amsl.com> Date: Mon, 2 Mar 2009 09:00:01 -0800 (PST) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the DNS Extensions Working Group of the IETF. Title : DNS Proxy Implementation Guidelines Author(s) : R. Bellis Filename : draft-ietf-dnsext-dnsproxy-02.txt Pages : 13 Date : 2009-03-02 This document provides guidelines for the implementation of DNS proxies, as found in broadband gateways and other similar network devices. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnsproxy-02.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Message/External-body; name="draft-ietf-dnsext-dnsproxy-02.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2009-03-02085132.I-D@ietf.org> --NextPart-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Mar 2 09:38:08 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3EE283A6AFA; Mon, 2 Mar 2009 09:38:08 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.583 X-Spam-Level: X-Spam-Status: No, score=-0.583 tagged_above=-999 required=5 tests=[AWL=-0.389, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RQyeo1Chgm10; Mon, 2 Mar 2009 09:38:07 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id D1D443A692A; Mon, 2 Mar 2009 09:38:06 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeC1F-000AIC-Qw for namedroppers-data0@psg.com; Mon, 02 Mar 2009 17:33:33 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeC1C-000AHs-4X for namedroppers@ops.ietf.org; Mon, 02 Mar 2009 17:33:31 +0000 Received: from Puki.ogud.com (nyttbox.md.ogud.com [10.20.30.4]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n22HXSsb071555 for ; Mon, 2 Mar 2009 12:33:28 -0500 (EST) (envelope-from ogud@ogud.com) Message-Id: <200903021733.n22HXSsb071555@stora.ogud.com> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Mon, 02 Mar 2009 12:33:06 -0500 To: namedroppers@ops.ietf.org From: =?iso-8859-1?Q?=D3lafur?= =?iso-8859-1?Q?_Gu=F0mundsson?= /DNSEXT chair Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-02.txt In-Reply-To: <20090302170001.A9ACC3A6A71@core3.amsl.com> References: <20090302170001.A9ACC3A6A71@core3.amsl.com> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="=====================_181641757==.ALT" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --=====================_181641757==.ALT Content-Type: text/plain; charset="us-ascii"; format=flowed Ray has informed the chairs that this version addresses all the issues that have been raised so far. We are planning to start a WGLC on this version real soon. I you have raised issues with earlier version of the document take a look at this version. Olafur & Andrew. At 12:00 02/03/2009, Internet-Drafts@ietf.org wrote: >A New Internet-Draft is available from the on-line Internet-Drafts >directories. >This draft is a work item of the DNS Extensions Working Group of the IETF. > > > Title : DNS Proxy Implementation Guidelines > Author(s) : R. Bellis > Filename : draft-ietf-dnsext-dnsproxy-02.txt > Pages : 13 > Date : 2009-03-02 > >This document provides guidelines for the implementation of DNS >proxies, as found in broadband gateways and other similar network >devices. > >A URL for this Internet-Draft is: >http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnsproxy-02.txt > >Internet-Drafts are also available by anonymous FTP at: >ftp://ftp.ietf.org/internet-drafts/ > >Below is the data which will enable a MIME compliant mail reader >implementation to automatically retrieve the ASCII version of the >Internet-Draft. > > > --=====================_181641757==.ALT Content-Type: text/html; charset="us-ascii" Ray has informed the chairs that this version addresses all the issues that
have been raised so far. We are planning to start a WGLC on this version real
soon. I you have raised issues with earlier version of the document take a look
at this version.

        Olafur & Andrew.

At 12:00 02/03/2009, Internet-Drafts@ietf.org wrote:
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the DNS Extensions Working Group of the IETF.


         Title           : DNS Proxy Implementation Guidelines
         Author(s)       : R. Bellis
         Filename        : draft-ietf-dnsext-dnsproxy-02.txt
         Pages           : 13
         Date            : 2009-03-02

This document provides guidelines for the implementation of DNS
proxies, as found in broadband gateways and other similar network
devices.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnsproxy-02.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.


< ftp://ftp.ietf.org/internet-drafts/draft-ietf-dnsext-dnsproxy-02.txt >
--=====================_181641757==.ALT-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Mar 2 11:42:02 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AD4CF28C0FD; Mon, 2 Mar 2009 11:42:02 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.345 X-Spam-Level: X-Spam-Status: No, score=-0.345 tagged_above=-999 required=5 tests=[AWL=-0.150, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nbLJNndb6XIW; Mon, 2 Mar 2009 11:42:01 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id B5B2128C0DC; Mon, 2 Mar 2009 11:42:01 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeDvU-000ILC-LO for namedroppers-data0@psg.com; Mon, 02 Mar 2009 19:35:44 +0000 Received: from [217.147.82.63] (helo=mail.avalus.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeDvR-000IKr-RI for namedroppers@ops.ietf.org; Mon, 02 Mar 2009 19:35:43 +0000 Received: from [192.168.100.48] (localhost [127.0.0.1]) by mail.avalus.com (Postfix) with ESMTP id 4E16FC2DA5; Mon, 2 Mar 2009 19:35:36 +0000 (GMT) Date: Mon, 02 Mar 2009 19:37:39 +0000 From: Alex Bligh Reply-To: Alex Bligh To: =?UTF-8?Q?=C3=93lafur_Gu=C3=B0mundsson_=2FDNSEXT_chair?= , namedroppers@ops.ietf.org cc: Alex Bligh Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-02.txt Message-ID: X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: A few nits. None of them should require another revision before last call, and I'd certainly not die in a ditch for any of them. * Section 1, Introduction, para 3 s/This documents/This document/ * Section 3, The Transparency principle, para 1 It would not only be impractical but require clairvoyance for a proxy to implement all *future* DNS features. I think "all DNS features" is sufficient for the meaning. * Section 3, The Transparency principle, para starting "Furthermore" perhaps reads easier if you insert commas as in "then, for it to function correctly, it would need" * Section 3, The Transparency principle, > Except when required to enforce an active security or network policy > (such as maintaining a pre-authentication "walled garden"), end-users > SHOULD be able to send their DNS queries to specified upstream > resolvers. In this case, the proxy SHOULD NOT modify the packets in > any way except for modifying IP and TCP/UDP headers as required by > NAT. a) technically the exclusion should be "IP forwarding or NAT" (you are not deprecating reducing the IP TTL). Perhaps better to refer to not modifying the query? Also the response to the query should not be modified. b) I fully agree with the sentiment here, but I think the point that if DNS packets to other name servers are passed through without alteration then it isn't (in respect of those packets) acting as a proxy in any sense at all. It's acting as an IP forwarding device and/or NAT. How about "In this case, the device SHOULD NOT proxy the query, SHOULD transmit the packets onward as it does any other packet and SHOULD NOT modify the DNS query or any response to it". * 4.4.1. TCP Transport, para 1 Add a comma after "because of truncation". Also there is a surplus space before the final full stop. * 4.4.3. IP Fragmentation > Therefore it is RECOMMENDED (whichever of options 2 or 3 above is in > use) that gateways SHOULD be capable of forwarding UDP packets up to > a payload size of at least 4096 octets. Is there a IETF-semantic reason not to write this the simpler and more obvious way, i.e. Therefore, gateways SHOULD (whichever of options 2 or 3 above is taken) be capable of forwarding UDP packets up to a payload size of at least 4096 octets. Also, elsewhere the style you have used is "proxies SHOULD" not "gateways SHOULD"; there is a risk people might see the distinction as significant and wonder what it is. I realise this is where the proxy is acting as a gateway rather than a proxy, but you haven't made this distinction elsewhere. So s/gateways SHOULD/proxies SHOULD/ in the above. * 6.1. Forgery Resilience > If a DNS proxy is running on a broadband gateway with NAT that is > compliant with [RFC4787] then it SHOULD also follow the > recommendations for how long DNS state is kept from Section 10 of > [RFC5452] Unfortunate "kept from". Try: If a DNS proxy is running on a broadband gateway with NAT that is compliant with [RFC4787] then it SHOULD also follow the recommendations in Section 10 of [RFC5452] concerning how long DNS state is kept. Alex -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Mar 2 12:38:17 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7BE593A68CB; Mon, 2 Mar 2009 12:38:17 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.54 X-Spam-Level: X-Spam-Status: No, score=-0.54 tagged_above=-999 required=5 tests=[AWL=-0.046, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Aq167sohKbxS; Mon, 2 Mar 2009 12:38:16 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 696CB3A6A3A; Mon, 2 Mar 2009 12:38:05 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeEpR-000LzQ-Vi for namedroppers-data0@psg.com; Mon, 02 Mar 2009 20:33:33 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeEpO-000Lyy-PO for namedroppers@ops.ietf.org; Mon, 02 Mar 2009 20:33:32 +0000 Received: from [192.168.1.102] (mail.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n22KXPip099314; Mon, 2 Mar 2009 15:33:26 -0500 (EST) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <20090302154345.GA1700@shinkuro.com> References: <20090302154345.GA1700@shinkuro.com> Date: Mon, 2 Mar 2009 15:33:24 -0500 To: Andrew Sullivan From: Edward Lewis Subject: Re: [dnsext] Timeslot at IETF74? Cc: namedroppers@ops.ietf.org Content-Type: multipart/alternative; boundary="============_-976096491==_ma============" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --============_-976096491==_ma============ Content-Type: text/plain; charset="us-ascii" ; format="flowed" At 10:43 -0500 3/2/09, Andrew Sullivan wrote: >There isn't going to be one, which is why you don't see the timeslot. >We asked many weeks ago whether anyone had possible agenda items for a >meeting; if not, we would have no meeting. We didn't get responses >with items that needed discussion, so we didn't schedule a session. Isn't saying there's going to be no meeting leading to no requests for agenda items a bit of "self-fulfilling prophecy?" >(This is in keeping with the WG's charter that we're sleeping.) And, if the WG is indeed sleeping... http://www.ops.ietf.org/lists/namedroppers/namedroppers.2008/msg00684.html "It became clear to me at the last IETF meeting that perhaps DNSEXT is not as "dormant" as we expected it was going to be..." (Why I wasn't surprised: http://www.ops.ietf.org/lists/namedroppers/namedroppers.2007/msg00247.html) The dormant label was officially posted here: http://www.ops.ietf.org/lists/namedroppers/namedroppers.2007/msg00763.html -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Never confuse activity with progress. Activity pays more. --============_-976096491==_ma============ Content-Type: text/html; charset="us-ascii" Re: [dnsext] Timeslot at IETF74?
At 10:43 -0500 3/2/09, Andrew Sullivan wrote:

>There isn't going to be one, which is why you don't see the timeslot.
>We asked many weeks ago whether anyone had possible agenda items for a
>meeting; if not, we would have no meeting.  We didn't get responses
>with items that needed discussion, so we didn't schedule a session.

Isn't saying there's going to be no meeting leading to no requests for agenda items a bit of "self-fulfilling prophecy?"

>(This is in keeping with the WG's charter that we're sleeping.)

And, if the WG is indeed sleeping...

http://www.ops.ietf.org/lists/namedroppers/namedroppers.2008/msg00684.html
"It became clear to me at the last IETF meeting that perhaps DNSEXT is not as "dormant" as we expected it was going to be..."

(Why I wasn't surprised: http://www.ops.ietf.org/lists/namedroppers/namedroppers.2007/msg00247.html)

The dormant label was officially posted here:
http://www.ops.ietf.org/lists/namedroppers/namedroppers.2007/msg00763.html

--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis             
NeuStar                    You can leave a voice message at +1-571-434-5468

Never confuse activity with progress.  Activity pays more.
--============_-976096491==_ma============-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Mar 2 13:16:16 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AA62528C268; Mon, 2 Mar 2009 13:16:16 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.35 X-Spam-Level: X-Spam-Status: No, score=-0.35 tagged_above=-999 required=5 tests=[AWL=-0.750, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_INFO=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y8uoC8SZlkNL; Mon, 2 Mar 2009 13:16:15 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 571EE28C261; Mon, 2 Mar 2009 13:16:15 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeFQ7-000O09-G8 for namedroppers-data0@psg.com; Mon, 02 Mar 2009 21:11:27 +0000 Received: from [208.86.224.201] (helo=mail.yitter.info) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeFQ4-000Nzl-Be for namedroppers@ops.ietf.org; Mon, 02 Mar 2009 21:11:25 +0000 Received: from crankycanuck.ca (69-196-144-230.dsl.teksavvy.com [69.196.144.230]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.yitter.info (Postfix) with ESMTPSA id 020122FEA3F8 for ; Mon, 2 Mar 2009 21:11:22 +0000 (UTC) Date: Mon, 2 Mar 2009 16:11:21 -0500 From: Andrew Sullivan To: namedroppers@ops.ietf.org Subject: Re: [dnsext] Timeslot at IETF74? Message-ID: <20090302211120.GM1700@shinkuro.com> References: <20090302154345.GA1700@shinkuro.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.18 (2008-05-17) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Mon, Mar 02, 2009 at 03:33:24PM -0500, Edward Lewis wrote: > Isn't saying there's going to be no meeting leading to no requests for > agenda items a bit of "self-fulfilling prophecy?" I think if you examine the original mail, which you can find at http://ops.ietf.org/lists/namedroppers/namedroppers.2008/msg02413.html, you will see that we said _we_ didn't think there was business that would warrant a meeting; so we weren't planning one. However, we left open the possibility that there _would_ be a meeting in the event that we received feedback to the effect that one was needed. The bar was pretty low: we excluded only topics for which there was no existing draft and about which there was already no discussion on the mailing list. I received exactly one response to this email, from someone _asking_ whether a particular draft needed discussion. My response was to ask in return whether any of the open items had not been addressed on the mailing list. The interlocutor said that in fact the issues did all seem to be closed; the main issue was one of getting an updated draft available. In the end, we agreed that it was not enough of a topic to justify a meeting slot. On the IETF lists, I have noticed many expressions of interest around virtual meetings, and pressure to reduce the number of WG meetings that are scheduled during the IETF meeting because the IETF meeting appears to be expanding to fill all possible calendar time. I've heard more than one comment that many WG meetings are mostly status updates that could easily be addressed on the mailing list. I have even heard one of the participants in this thread express similar sentiments to me, privately. Therefore, we thought we would ask the participants whether there were things in which they felt they had enough to say to warrant scheduling a meeting. We didn't hear a response (save the one I outiline above). Therefore, we Chairs concluded that there wasn't a strong demand for a meeting and we couldn't justify using a community resource (a block of time) "just in case". If you believe that conclusion was in error, I invite you to make the argument for an alternative conclusion. > And, if the WG is indeed sleeping... Well, that's what our charter says. > (Why I wasn't surprised: > http://www.ops.ietf.org/lists/namedroppers/namedroppers.2007/msg00247.html) I note that the end of that mail includes this sentence: "Where's the energy for all this?" One thing we can do to focus what energy that exists is to try to spend all of it on actual documents and review. That's effort that can occur on the mailing list until such time as we run into something that warrants face to face time, no? If people really think that we should have planned a slot in San Francisco -- and that, by implication, we should plan to do so in Stockholm and Hiroshima -- I would like to hear it. But I will say that I am not a fan of meeting for meeting's sake. I'm sure all of us could find useful things to do with the hour or two that would be saved. One suggestion I have is for each of us to take the time we might otherwise spend in a DNSEXT meeting, and devote it to a really deep and complete review of just one of the documents sitting in the DNSEXT queue. Best, A -- Andrew Sullivan ajs@shinkuro.com Shinkuro, Inc. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From mockingatticus@2by2.net Mon Mar 2 14:53:15 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 005AC3A6A09 for ; Mon, 2 Mar 2009 14:53:15 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.293 X-Spam-Level: X-Spam-Status: No, score=-1.293 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_RELAY_NODNS=1.451, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_BR=0.955, HELO_EQ_DSL=1.129, HELO_MISMATCH_BR=2.4, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RDNS_NONE=0.1, SARE_UNI=0.591, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I8MyXIZFgF9T for ; Mon, 2 Mar 2009 14:53:14 -0800 (PST) Received: from 189-11-84-35.mganm703.dsl.brasiltelecom.net.br (unknown [201.3.66.47]) by core3.amsl.com (Postfix) with SMTP id D53AE28C29A for ; Mon, 2 Mar 2009 14:53:04 -0800 (PST) To: Subject: We're updating your account for the better! From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090302225309.D53AE28C29A@core3.amsl.com> Date: Mon, 2 Mar 2009 14:53:04 -0800 (PST)
Tell a friend · Download latest version See this email as a webpage

Hello!

Shipped Privately And Discreetly To Your Door!
See this email as a webpage
  We want to put a great big grin on your face in 2009. You'll be to rejoice all year.  

Unsubscribe · Lost Password · Account Settings · Help · Terms of Service · Privacy

© 2003-2009 TRADEs Limited.TRADEs Communications S.a.r.l., 22/24 Green St, Amsterdam L3677.

TRADEs, TRADEsIn, TRADEsOut, TRADEscasts, TRADEs Certified, TRADEsMe!, TRADEs Pro, TRADEsFind, TRADEs Prime, TRADEs To Go, associated logos and the TRADES-symbol are trademarks of TRADEs Limited.
From stanislawa.swist@link4.pl Tue Mar 3 00:40:29 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C6C593A69C4; Tue, 3 Mar 2009 00:40:29 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.883 X-Spam-Level: X-Spam-Status: No, score=0.883 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_ROLEX=5, HELO_MISMATCH_NET=0.611, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_SPEC_ROLEX=1.666, SARE_SPEC_ROLEX_NOV5A=1.062, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SBL=20, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qHlyhYSUhiBN; Tue, 3 Mar 2009 00:40:29 -0800 (PST) Received: from CUSTOMER.VPLS.NET (unknown [217.75.210.31]) by core3.amsl.com (Postfix) with SMTP id 33CC23A69E5; Tue, 3 Mar 2009 00:39:59 -0800 (PST) X-Originating-IP: 202.137.252.60 by 204.32.72.121; Tue, 03 Mar 2009 09:36:31 +0100 Message-ID: From: "Eula Kelley" To: "Claudia Robison" Subject: Impress everyone with wealth and watches Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Date: Tue, 03 Mar 2009 00:40:31 -0800 There's no time like the present, and isn't it time you got yourself a beautiful designer watch? http://hamsterswatches.cn At Exquisite Reps you will find exactly the watch you're looking for, at prices that will make you blink twice. That's right! Here you can get a Rolex, a Breitling, a Tag or pretty much every fine brand timepiece for less than ten percent their original price! http://hamsterswatches.cn Get ready to feel like a kid in a candy store when you see our incredible collection of fine reproduction timepieces at Exquisite Reps! Come on, get started now! From owner-namedroppers@ops.ietf.org Tue Mar 3 01:09:07 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E8E1D3A6920; Tue, 3 Mar 2009 01:09:07 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.321 X-Spam-Level: X-Spam-Status: No, score=-102.321 tagged_above=-999 required=5 tests=[AWL=0.279, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QmFNht6xNfxZ; Tue, 3 Mar 2009 01:09:07 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id AC8293A6922; Tue, 3 Mar 2009 01:08:27 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeQUP-0000nO-KX for namedroppers-data0@psg.com; Tue, 03 Mar 2009 09:00:37 +0000 Received: from [2001:1890:1112:1::20] (helo=mail.ietf.org) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeQUH-0000mh-Oz for namedroppers@ops.ietf.org; Tue, 03 Mar 2009 09:00:33 +0000 Received: by core3.amsl.com (Postfix, from userid 0) id 940183A6A8D; Tue, 3 Mar 2009 01:00:01 -0800 (PST) From: Internet-Drafts@ietf.org To: i-d-announce@ietf.org Cc: namedroppers@ops.ietf.org Subject: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-03.txt Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 Message-Id: <20090303090001.940183A6A8D@core3.amsl.com> Date: Tue, 3 Mar 2009 01:00:01 -0800 (PST) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the DNS Extensions Working Group of the IETF. Title : DNS Proxy Implementation Guidelines Author(s) : R. Bellis Filename : draft-ietf-dnsext-dnsproxy-03.txt Pages : 13 Date : 2009-03-03 This document provides guidelines for the implementation of DNS proxies, as found in broadband gateways and other similar network devices. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnsproxy-03.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Message/External-body; name="draft-ietf-dnsext-dnsproxy-03.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2009-03-03005415.I-D@ietf.org> --NextPart-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Mar 3 01:31:06 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3895F3A6B2D; Tue, 3 Mar 2009 01:31:06 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.948 X-Spam-Level: X-Spam-Status: No, score=-4.948 tagged_above=-999 required=5 tests=[AWL=-1.650, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lAT8pQO+6sBQ; Tue, 3 Mar 2009 01:31:05 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 2C4BE3A6B12; Tue, 3 Mar 2009 01:31:05 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeQtl-0002dc-E9 for namedroppers-data0@psg.com; Tue, 03 Mar 2009 09:26:49 +0000 Received: from [213.248.199.24] (helo=mx4.nominet.org.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeQtZ-0002cg-Lb for namedroppers@ops.ietf.org; Tue, 03 Mar 2009 09:26:39 +0000 DomainKey-Signature: s=main.dk.nominet.selector; d=nominet.org.uk; c=nofws; q=dns; h=X-IronPort-AV:Received:In-Reply-To:References:To:Subject: MIME-Version:X-Mailer:Message-ID:From:Date:X-MIMETrack: Content-Type; b=B3dTcaOM1RL3SLAxuO/SSmZrirVwh+6Uz6lAIqHlwIt2fCPhLhtejBZg LusTxAGvI6dpsUzJEzx5IgVqSBj2MMHEuddpIwi3Io65DGypxuuQpShCr BDSKDJNYqzdzFFN; DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nominet.org.uk; i=Ray.Bellis@nominet.org.uk; q=dns/txt; s=main.dkim.nominet.selector; t=1236072397; x=1267608397; h=from:sender:reply-to:subject:date:message-id:to:cc: mime-version:content-transfer-encoding:content-id: content-description:resent-date:resent-from:resent-sender: resent-to:resent-cc:resent-message-id:in-reply-to: references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:list-owner:list-archive; z=From:=20Ray.Bellis@nominet.org.uk|Subject:=20Re:=20[dnse xt]=20I-D=20Action:draft-ietf-dnsext-dnsproxy-03.txt |Date:=20Tue,=203=20Mar=202009=2009:26:34=20+0000 |Message-ID:=20|To:=20namedroppers@ops.i etf.org|MIME-Version:=201.0|In-Reply-To:=20<2009030309000 1.940183A6A8D@core3.amsl.com>|References:=20<200903030900 01.940183A6A8D@core3.amsl.com>; bh=Eg3mHaT9lWRB4fs8ItMx9ZpqRy2RiTIJ8zHSYwQ4UWw=; b=h95gGS8ptDIsVhTUJXPuLQjGbeLWCVmE7zDywghbBaFqdwEiobtEiXpO 8VnIPxQs74qzdKqp950aZXW4dbmokoMt1Q/+L2YHEUp2eMiiUVAAubXKO kOIMLbMuPYrsYv9; X-IronPort-AV: E=Sophos;i="4.38,295,1233532800"; d="scan'208";a="8783378" Received: from notes1.nominet.org.uk ([213.248.197.128]) by mx4.nominet.org.uk with ESMTP; 03 Mar 2009 09:26:35 +0000 In-Reply-To: <20090303090001.940183A6A8D@core3.amsl.com> References: <20090303090001.940183A6A8D@core3.amsl.com> To: namedroppers@ops.ietf.org Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-03.txt MIME-Version: 1.0 X-Mailer: Lotus Notes Build V85_M2_08202008 August 20, 2008 Message-ID: From: Ray.Bellis@nominet.org.uk Date: Tue, 3 Mar 2009 09:26:34 +0000 X-MIMETrack: Serialize by Router on notes1/Nominet(Release 7.0.1FP1 | May 25, 2006) at 03/03/2009 09:26:35 AM, Serialize complete at 03/03/2009 09:26:35 AM Content-Type: multipart/alternative; boundary="=_alternative 0033DF2C8025756E_=" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: This is a multipart message in MIME format. --=_alternative 0033DF2C8025756E_= Content-Type: text/plain; charset="US-ASCII" > Title : DNS Proxy Implementation Guidelines > Author(s) : R. Bellis > Filename : draft-ietf-dnsext-dnsproxy-03.txt > Pages : 13 > Date : 2009-03-03 This small update addresses the editorial nits found by Alex Bligh. Ray -- Ray Bellis, MA(Oxon) MIET Senior Researcher in Advanced Projects, Nominet e: ray@nominet.org.uk, t: +44 1865 332211 --=_alternative 0033DF2C8025756E_= Content-Type: text/html; charset="US-ASCII" >    Title           : DNS Proxy Implementation Guidelines
>    Author(s)       : R. Bellis
>    Filename        : draft-ietf-dnsext-dnsproxy-03.txt
>    Pages           : 13
>    Date            : 2009-03-03
This small update addresses the editorial nits found by Alex Bligh.

Ray

--
Ray Bellis, MA(Oxon) MIET
Senior Researcher in Advanced Projects, Nominet
e: ray@nominet.org.uk, t: +44 1865 332211 --=_alternative 0033DF2C8025756E_=-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Mar 3 01:59:29 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EE2B928C23C; Tue, 3 Mar 2009 01:59:29 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.796 X-Spam-Level: X-Spam-Status: No, score=-0.796 tagged_above=-999 required=5 tests=[AWL=-0.301, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GpFmrZYnzPbI; Tue, 3 Mar 2009 01:59:24 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 63C9028C211; Tue, 3 Mar 2009 01:59:24 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeRJr-0003zO-Ax for namedroppers-data0@psg.com; Tue, 03 Mar 2009 09:53:47 +0000 Received: from [217.147.82.63] (helo=mail.avalus.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeRJl-0003yk-Nt for namedroppers@ops.ietf.org; Tue, 03 Mar 2009 09:53:44 +0000 Received: from [192.168.100.48] (localhost [127.0.0.1]) by mail.avalus.com (Postfix) with ESMTP id C29D7C2DA5; Tue, 3 Mar 2009 09:53:39 +0000 (GMT) Date: Tue, 03 Mar 2009 09:55:42 +0000 From: Alex Bligh Reply-To: Alex Bligh To: Internet-Drafts@ietf.org, i-d-announce@ietf.org cc: namedroppers@ops.ietf.org, Alex Bligh Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-03.txt Message-ID: <3C22AC828D07B201E8122784@nimrod.local> In-Reply-To: <20090303090001.940183A6A8D@core3.amsl.com> References: <20090303090001.940183A6A8D@core3.amsl.com> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: I suspect there is probably no useful answer to this, but anyway. I think $subject is a useful draft. I hope it gets turned into an RFC (let's say RFC54321). One very useful product of that would be that next time a relative goes into PC World to buy a piece of ADSL hardware, and says "please tell me which one to pick", I can say "just make sure it has RFC54321 support in the big list of numbers on the back". More realistically, ISPs could make purchasing decisions for bulk CPE based on RFC54321 compliance, or put in RFC54321 compliance as a tender requirement. Or can they? As everything in the document is a "SHOULD" / "SHOULD NOT", no CPE will break any mandatory requirement. Therefore, is every bit of CPE right now not already compliant? Or to pick a less extreme example, is CPE that meets every requirement but two "SHOULDs" compliant? It seems to me it is. I appreciate the purpose of the document is to guide, but another way to look at it would be to say "to comply with this RFC, you must meet all the specs in it; your CPE will not explode if it doesn't meet the requirements, nor will the internet police arrest you, but you won't comply with the RFC". Then we do (effectively) a s/SHOULD/MUST/g on the document. I know that changes the nature of the document from a "helping hand BCP" to a "gold standard for CPE DNS behaviour", but I am having second thoughts (but remain undecided) as to whether or not that's a bad thing. Alex -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Mar 3 13:33:08 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 513823A680F; Tue, 3 Mar 2009 13:33:08 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bCIfGrbghM5v; Tue, 3 Mar 2009 13:33:07 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 538C43A680E; Tue, 3 Mar 2009 13:33:07 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lec4i-000HU8-Se for namedroppers-data0@psg.com; Tue, 03 Mar 2009 21:22:52 +0000 Received: from [2001:4f8:0:2::1c] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lec4X-000HTC-RY for namedroppers@ops.ietf.org; Tue, 03 Mar 2009 21:22:45 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTPS id 1E388114027; Tue, 3 Mar 2009 21:22:31 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (drugs.dv.isc.org [IPv6:2001:470:1f00:820:214:22ff:fed9:fbdc]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "drugs.dv.isc.org", Issuer "ISC CA" (not verified)) by farside.isc.org (Postfix) with ESMTP id 7BC26E6079; Tue, 3 Mar 2009 21:22:30 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.14.3/8.14.3) with ESMTP id n23LMQmb003926; Wed, 4 Mar 2009 08:22:28 +1100 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200903032122.n23LMQmb003926@drugs.dv.isc.org> To: Alex Bligh Cc: Internet-Drafts@ietf.org, i-d-announce@ietf.org, namedroppers@ops.ietf.org From: Mark Andrews Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-03.txt In-reply-to: Your message of "Tue, 03 Mar 2009 09:55:42 -0000." <3C22AC828D07B201E8122784@nimrod.local> Date: Wed, 04 Mar 2009 08:22:26 +1100 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: In message <3C22AC828D07B201E8122784@nimrod.local>, Alex Bligh writes: > I suspect there is probably no useful answer to this, but anyway. > > I think $subject is a useful draft. I hope it gets turned into an RFC (let's > say RFC54321). One very useful product of that would be that next time a > relative goes into PC World to buy a piece of ADSL hardware, and says > "please tell me which one to pick", I can say "just make sure it has > RFC54321 support in the big list of numbers on the back". More > realistically, ISPs could make purchasing decisions for bulk CPE based > on RFC54321 compliance, or put in RFC54321 compliance as a tender > requirement. > > Or can they? As everything in the document is a "SHOULD" / "SHOULD NOT", > no CPE will break any mandatory requirement. Therefore, is every bit of > CPE right now not already compliant? Or to pick a less extreme example, > is CPE that meets every requirement but two "SHOULDs" compliant? It seems > to me it is. > > I appreciate the purpose of the document is to guide, but another way to > look at it would be to say "to comply with this RFC, you must meet all > the specs in it; your CPE will not explode if it doesn't meet the > requirements, nor will the internet police arrest you, but you won't > comply with the RFC". Then we do (effectively) a s/SHOULD/MUST/g on > the document. There are MUSTs in the document. Part of the problem is that it is written to account for both a DPI firewall and a plain DNS proxy which is not inspecting data. Writing a document that is focused on firewalls and DNS may be one way to work around this. Mark > I know that changes the nature of the document from a "helping hand BCP" > to a "gold standard for CPE DNS behaviour", but I am having second thoughts > (but remain undecided) as to whether or not that's a bad thing. > > Alex > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From mbialon@aii.edu Tue Mar 3 13:50:17 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 930AF28C15D for ; Tue, 3 Mar 2009 13:50:17 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -12.239 X-Spam-Level: X-Spam-Status: No, score=-12.239 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_I_LETTER=-2, HELO_EQ_BR=0.955, HOST_EQ_BR=1.295, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DWhrYQd8yhnu for ; Tue, 3 Mar 2009 13:50:15 -0800 (PST) Received: from 201008069131.user.veloxzone.com.br (201008069131.user.veloxzone.com.br [201.8.69.131]) by core3.amsl.com (Postfix) with SMTP id 23A7C28C155 for ; Tue, 3 Mar 2009 13:50:12 -0800 (PST) To: Subject: You've received an answer to your question From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090303215013.23A7C28C155@core3.amsl.com> Date: Tue, 3 Mar 2009 13:50:12 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.clearquiet.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://clearquiet.com/faq.php

Privacy Statement | Terms & Conditions | Contact

KEYWORD Ltd.
Tower Bridge Business Complex. Unit 5, B934. 547 Clements Road. London. SE31 1DG

© 2006-2008 KEYWORD, Ltd. All Rights Reserved

From owner-namedroppers@ops.ietf.org Tue Mar 3 17:02:53 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4D8AC3A6A2A; Tue, 3 Mar 2009 17:02:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JFkNbqAoi+jd; Tue, 3 Mar 2009 17:02:52 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 6F66D3A68CF; Tue, 3 Mar 2009 17:02:52 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LefQ7-0003EI-J7 for namedroppers-data0@psg.com; Wed, 04 Mar 2009 00:57:11 +0000 Received: from [2001:4f8:0:2::1c] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LefQ0-0003Dt-Kn for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 00:57:07 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTPS id D7931114052 for ; Wed, 4 Mar 2009 00:56:53 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (drugs.dv.isc.org [IPv6:2001:470:1f00:820:214:22ff:fed9:fbdc]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "drugs.dv.isc.org", Issuer "ISC CA" (not verified)) by farside.isc.org (Postfix) with ESMTP id 43168E6073 for ; Wed, 4 Mar 2009 00:56:53 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.14.3/8.14.3) with ESMTP id n240un3E012505 for ; Wed, 4 Mar 2009 11:56:50 +1100 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200903040056.n240un3E012505@drugs.dv.isc.org> To: namedroppers@ops.ietf.org From: Mark Andrews Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-03.txt In-reply-to: Your message of "Tue, 03 Mar 2009 09:55:42 -0000." <3C22AC828D07B201E8122784@nimrod.local> Date: Wed, 04 Mar 2009 11:56:49 +1100 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Section 4.4.3. IP Fragmentation doesn't mention about the handling of out of order fragments. Mark -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From onea@alignmark.com Tue Mar 3 19:51:48 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 271B23A6985 for ; Tue, 3 Mar 2009 19:51:48 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -13.406 X-Spam-Level: X-Spam-Status: No, score=-13.406 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HTML_MESSAGE=0.001, MANGLED_OFF=2.3, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nuh72moBzjcI for ; Tue, 3 Mar 2009 19:51:47 -0800 (PST) Received: from host81-132-23-24.range81-132.btcentralplus.com (host81-132-23-24.range81-132.btcentralplus.com [81.132.23.24]) by core3.amsl.com (Postfix) with SMTP id B58563A683D for ; Tue, 3 Mar 2009 19:51:44 -0800 (PST) To: Subject: RE: March 20% 0FF From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090304035145.B58563A683D@core3.amsl.com> Date: Tue, 3 Mar 2009 19:51:44 -0800 (PST)
Tell a friend · Download latest version See this email as a webpage

Hello!

Shipped Privately And Discreetly To Your Door!
See this email as a webpage
  We want to put a great big grin on your face in 2009. You'll be to rejoice all year.  

Unsubscribe · Lost Password · Account Settings · Help · Terms of Service · Privacy

© 2003-2009 TRADEs Limited.TRADEs Communications S.a.r.l., 22/24 Green St, Amsterdam L3677.

TRADEs, TRADEsIn, TRADEsOut, TRADEscasts, TRADEs Certified, TRADEsMe!, TRADEs Pro, TRADEsFind, TRADEs Prime, TRADEs To Go, associated logos and the TRADES-symbol are trademarks of TRADEs Limited.
From owner-namedroppers@ops.ietf.org Wed Mar 4 00:35:30 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 222453A6B89; Wed, 4 Mar 2009 00:35:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.95 X-Spam-Level: X-Spam-Status: No, score=0.95 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_EQ_NL=0.55, HELO_MISMATCH_NL=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S3CJtA0gmQzk; Wed, 4 Mar 2009 00:35:29 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id A368F3A6B88; Wed, 4 Mar 2009 00:35:28 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LemRd-0003qh-Oi for namedroppers-data0@psg.com; Wed, 04 Mar 2009 08:27:13 +0000 Received: from [213.154.224.43] (helo=sol.nlnetlabs.nl) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LemRO-0003py-Sm for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 08:27:10 +0000 Received: from jelte (vhe-520087.sshn.net [195.169.221.157]) by sol.nlnetlabs.nl (Postfix) with ESMTP id E5BDC131414 for ; Wed, 4 Mar 2009 09:26:56 +0100 (CET) Received: from [192.168.8.11] (dragon [192.168.8.11]) by jelte (Postfix) with ESMTP id D5E7BCF984 for ; Wed, 4 Mar 2009 09:30:17 +0100 (CET) Message-ID: <49AE3B50.6050003@NLnetLabs.nl> Date: Wed, 04 Mar 2009 09:26:56 +0100 From: Jelte Jansen User-Agent: Thunderbird 2.0.0.19 (X11/20090105) MIME-Version: 1.0 To: "namedroppers@ops.ietf.org" Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnssec-rsasha256-11.txt References: <20090227151502.1DBE53A6A69@core3.amsl.com> In-Reply-To: <20090227151502.1DBE53A6A69@core3.amsl.com> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Internet-Drafts@ietf.org wrote: > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the DNS Extensions Working Group of the IETF. > > > Title : Use of SHA-2 algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC > Author(s) : J. Jansen > Filename : draft-ietf-dnsext-dnssec-rsasha256-11.txt > Pages : 8 > Date : 2009-02-27 > > A URL for this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnssec-rsasha256-11.txt > this draft I submitted last week contains a bit of text about the use of the term SHA-2, as proposed by Ed. I also updated the text of section 5 to be more clear, but I decided not to include the tables provided by Mark, as in my opinion, they would suggest that this draft would update the handling of existing algorithms. Leaving those out would reduce the table to exactly the text above, and that seemed unnecessary. So please take another look, i think it's about done now. For your convenience, a wdiff of 10-11 can be found here: http://nlnetlabs.nl/downloads/publications/draft-ietf-dnsext-dnssec-rsasha256-wdiff-10-11.html Jelte -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmuO00ACgkQ4nZCKsdOncWaXgCg0dwgrYtwSlGYWc/PyJ4vf6tP N04AoMVIzAq1XrSA4SgHTC4YsGXWfPo5 =7Utg -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 01:29:19 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 038F53A6A7D; Wed, 4 Mar 2009 01:29:19 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.72 X-Spam-Level: X-Spam-Status: No, score=-0.72 tagged_above=-999 required=5 tests=[AWL=-0.225, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4rOZmcr6zfxq; Wed, 4 Mar 2009 01:29:18 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 35BD13A6A48; Wed, 4 Mar 2009 01:29:18 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LenKv-0007C6-OV for namedroppers-data0@psg.com; Wed, 04 Mar 2009 09:24:21 +0000 Received: from [217.147.82.63] (helo=mail.avalus.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LenKq-0007Bq-Na for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 09:24:19 +0000 Received: from [192.168.100.15] (localhost [127.0.0.1]) by mail.avalus.com (Postfix) with ESMTP id 936F6C2DA7; Wed, 4 Mar 2009 09:24:14 +0000 (GMT) Date: Wed, 04 Mar 2009 09:23:38 +0000 From: Alex Bligh Reply-To: Alex Bligh To: namedroppers@ops.ietf.org cc: Alex Bligh Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-03.txt Message-ID: In-Reply-To: <200903040056.n240un3E012505@drugs.dv.isc.org> References: <200903040056.n240un3E012505@drugs.dv.isc.org> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Ray, 4.5. Secret Key Transaction Authentication for DNS (TSIG) > As per Section 4.3, DNS proxies SHOULD be capable of proxying packets > containing TKEY [RFC2930] Resource Records. All the provisions within 4.3 are MUSTs. Alex -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 01:30:25 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9F8CA28C35B; Wed, 4 Mar 2009 01:30:24 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.675 X-Spam-Level: X-Spam-Status: No, score=-0.675 tagged_above=-999 required=5 tests=[AWL=-0.180, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MYyMWyt1ZI3j; Wed, 4 Mar 2009 01:30:23 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id EB84128C352; Wed, 4 Mar 2009 01:30:22 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LenOM-0007QM-QO for namedroppers-data0@psg.com; Wed, 04 Mar 2009 09:27:54 +0000 Received: from [217.147.82.63] (helo=mail.avalus.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LenOA-0007Ol-59 for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 09:27:44 +0000 Received: from [192.168.100.15] (localhost [127.0.0.1]) by mail.avalus.com (Postfix) with ESMTP id 73918C2DA5; Wed, 4 Mar 2009 09:27:40 +0000 (GMT) Date: Wed, 04 Mar 2009 09:27:06 +0000 From: Alex Bligh Reply-To: Alex Bligh To: Mark Andrews cc: namedroppers@ops.ietf.org, Alex Bligh Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-03.txt Message-ID: In-Reply-To: <200903032122.n23LMQmb003926@drugs.dv.isc.org> References: <200903032122.n23LMQmb003926@drugs.dv.isc.org> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --On 4 March 2009 08:22:26 +1100 Mark Andrews wrote: >> I appreciate the purpose of the document is to guide, but another way to >> look at it would be to say "to comply with this RFC, you must meet all >> the specs in it; your CPE will not explode if it doesn't meet the >> requirements, nor will the internet police arrest you, but you won't >> comply with the RFC". Then we do (effectively) a s/SHOULD/MUST/g on >> the document. > > There are MUSTs in the document. Part of the problem is that > it is written to account for both a DPI firewall and a plain > DNS proxy which is not inspecting data. True, but not many (6, that are not explicitly referring to MUSTs from other RFCs, though granted these are important). > Part of the problem is that > it is written to account for both a DPI firewall and a plain > DNS proxy which is not inspecting data. > Writing a document that is focused on firewalls and DNS may be > one way to work around this. Sure. But I think there are 'SHOULD's in there which are not specific to both. For instance (all from section 4): DNS proxies SHOULD therefore be prepared to receive and forward queries over TCP. However some proxies have been observed to either reject (with a FORMERR response code) or black-hole any packet containing an OPT RR. As per Section 4.1 proxies SHOULD NOT refuse to proxy such packets. Therefore proxies SHOULD (whichever of options 2 or 3 above is in use) be capable of forwarding UDP packets up to a payload size of at least 4096 octets. Since UDP packets larger than 512 octets are now expected in normal operation, proxies SHOULD NOT truncate UDP packets that exceed that size. I think my argument could be applied to section 4 of the document, if not sections 5 and 6. Alex -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From el.machado@ejupes.adv.br Wed Mar 4 05:41:46 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 765AB3A6A8B; Wed, 4 Mar 2009 05:41:46 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -89.866 X-Spam-Level: X-Spam-Status: No, score=-89.866 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_EQ_DYNAMIC=1.144, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX_NOV5A=1.062, SARE_SPEC_ROLEX_NOV5F=0.666, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JkuykjtT5PDw; Wed, 4 Mar 2009 05:41:45 -0800 (PST) Received: from host237-4-dynamic.35-79-r.retail.telecomitalia.it (host237-4-dynamic.35-79-r.retail.telecomitalia.it [79.35.4.237]) by core3.amsl.com (Postfix) with SMTP id 1FD3628C2A1; Wed, 4 Mar 2009 05:41:33 -0800 (PST) X-Originating-IP: 1.68.63.25 by 100.239.164.24; Wed, 04 Mar 2009 07:35:04 -0600 Message-ID: From: "Lynn Tabor" To: "Julio Hutchins" Subject: Impressive Chopard for a loved one Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Date: Wed, 04 Mar 2009 05:42:04 -0800 So you thought owning a brand name watch was out of your reach? Think again! Now that the Holidays are behind us and stores everywhere are offering their lowest prices of the year, Exquisite Reps is keeping up with the times to help you keep your time with a distinguished watch at a ridiculously low price! Click here now and enjoy our fast shipping and safe billing method while getting the most realistic look on a fine reproduction timepiece. From owner-namedroppers@ops.ietf.org Wed Mar 4 06:16:52 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CB03528C31C; Wed, 4 Mar 2009 06:16:52 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.713 X-Spam-Level: X-Spam-Status: No, score=-4.713 tagged_above=-999 required=5 tests=[AWL=-1.414, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7zTjZKksCic2; Wed, 4 Mar 2009 06:16:51 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id B892928C16D; Wed, 4 Mar 2009 06:16:51 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lermw-0001PG-TZ for namedroppers-data0@psg.com; Wed, 04 Mar 2009 14:09:34 +0000 Received: from [131.111.8.135] (helo=ppsw-5.csi.cam.ac.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lermn-0001OU-PU for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 14:09:29 +0000 X-Cam-AntiVirus: no malware found X-Cam-SpamDetails: not scanned X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/ Received: from hermes-2.csi.cam.ac.uk ([131.111.8.54]:53969) by ppsw-5.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.155]:25) with esmtpa (EXTERNAL:fanf2) id 1Lermk-0005Iq-HH (Exim 4.70) (return-path ); Wed, 04 Mar 2009 14:09:22 +0000 Received: from fanf2 (helo=localhost) by hermes-2.csi.cam.ac.uk (hermes.cam.ac.uk) with local-esmtp id 1Lermk-00043z-Ax (Exim 4.67) (return-path ); Wed, 04 Mar 2009 14:09:22 +0000 Date: Wed, 4 Mar 2009 14:09:22 +0000 From: Tony Finch X-X-Sender: fanf2@hermes-2.csi.cam.ac.uk To: ietf@ietf.org, namedroppers@ops.ietf.org cc: dot@dotat.at Subject: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems Message-ID: User-Agent: Alpine 2.00 (LSU 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: It seems that Vista implements RFC 3484 address selection, including the requirement to sort IP addresses. This breaks a great deal of operational dependence on DNS-based load balancing, as well as being based on an incorrect understanding of how IP addresses are allocated. RFC 3484 needs to be updated to delete this rule, so that the order returned from the DNS is honoured when the client has no better knowledge about which address is appropriate. See http://drplokta.livejournal.com/109267.html http://www.ietf.org/mail-archive/web/ietf/current/msg51874.html http://www.ietf.org/mail-archive/web/discuss/current/msg01035.html http://www.ietf.org/mail-archive/web/dnsop/current/msg05847.html http://lists.debian.org/debian-ctte/2007/11/msg00029.html Tony. -- f.anthony.n.finch http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 06:20:54 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EB9CA3A68A8; Wed, 4 Mar 2009 06:20:54 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.5 X-Spam-Level: X-Spam-Status: No, score=-0.5 tagged_above=-999 required=5 tests=[AWL=-0.900, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_INFO=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T8Tmb0g2+2aI; Wed, 4 Mar 2009 06:20:54 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 17C053A67B3; Wed, 4 Mar 2009 06:20:54 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LertF-00020G-Ml for namedroppers-data0@psg.com; Wed, 04 Mar 2009 14:16:05 +0000 Received: from [208.86.224.201] (helo=mail.yitter.info) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LertA-0001zL-H3 for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 14:16:02 +0000 Received: from crankycanuck.ca (69-196-144-230.dsl.teksavvy.com [69.196.144.230]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.yitter.info (Postfix) with ESMTPSA id 343392FEA3FA for ; Wed, 4 Mar 2009 14:15:59 +0000 (UTC) Date: Wed, 4 Mar 2009 09:15:57 -0500 From: Andrew Sullivan To: namedroppers@ops.ietf.org Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-03.txt Message-ID: <20090304141557.GA6574@shinkuro.com> References: <200903032122.n23LMQmb003926@drugs.dv.isc.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.18 (2008-05-17) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Wed, Mar 04, 2009 at 09:27:06AM +0000, Alex Bligh wrote: > DNS proxies SHOULD therefore be prepared to receive and forward > queries over TCP. > > However some proxies have been observed to either reject (with a > FORMERR response code) or black-hole any packet containing an OPT RR. > As per Section 4.1 proxies SHOULD NOT refuse to proxy such packets. > > Therefore proxies SHOULD (whichever of options 2 or 3 above is in > use) be capable of forwarding UDP packets up to a payload size of at > least 4096 octets. > > Since UDP packets larger than 512 octets are now expected in normal > operation, proxies SHOULD NOT truncate UDP packets that exceed that > size. > > I think my argument could be applied to section 4 of the document, > if not sections 5 and 6. [no hat] Remember that MUST is a word that brooks no exceptions. Are you arguing that, for the cases above, under no circumstances should the device behave as described? A -- Andrew Sullivan ajs@shinkuro.com Shinkuro, Inc. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 06:48:51 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 297743A67B3; Wed, 4 Mar 2009 06:48:51 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.375 X-Spam-Level: X-Spam-Status: No, score=0.375 tagged_above=-999 required=5 tests=[AWL=-0.375, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kRQpTgHS4U6t; Wed, 4 Mar 2009 06:48:50 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 9E2593A68CF; Wed, 4 Mar 2009 06:48:39 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LesKr-00048x-SB for namedroppers-data0@psg.com; Wed, 04 Mar 2009 14:44:37 +0000 Received: from [193.227.124.2] (helo=mx01.bfk.de) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LesKj-00047v-ST for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 14:44:34 +0000 Received: from mx00.int.bfk.de ([10.119.110.2]) by mx01.bfk.de with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32) id 1LesKL-0006MK-LS; Wed, 04 Mar 2009 15:44:05 +0100 Received: from fweimer by bfk.de with local id 1LesKa-00058c-1f; Wed, 04 Mar 2009 15:44:20 +0100 To: Tony Finch Cc: ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems References: From: Florian Weimer Date: Wed, 04 Mar 2009 15:44:19 +0100 In-Reply-To: (Tony Finch's message of "Wed, 4 Mar 2009 14:09:22 +0000") Message-ID: <824oy94abg.fsf@mid.bfk.de> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: * Tony Finch: > It seems that Vista implements RFC 3484 address selection, including the > requirement to sort IP addresses. This breaks a great deal of operational > dependence on DNS-based load balancing, as well as being based on an > incorrect understanding of how IP addresses are allocated. I assume you are referring to IPv4 address sorting. This has previously been discussed on DNS-related IETF WGs. The general belief is that this is not a DNS issue. I find this a rather strange conclusion, but we have to live with it. RFC 3484 is being revised in one or more of the IPv6-related WGs. I don't know how far this effort has evolved. There does not seem to be a way to address the IPv4 part of the issue indepedently. So right now it seems that the IETF is structurally incapable of correcting this badly engineered specification. --=20 Florian Weimer BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstra=DFe 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 07:02:44 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6D1FC28C375; Wed, 4 Mar 2009 07:02:44 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.537 X-Spam-Level: X-Spam-Status: No, score=-0.537 tagged_above=-999 required=5 tests=[AWL=-0.937, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_INFO=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ii-Ui54KBWOX; Wed, 4 Mar 2009 07:02:43 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 1AAAE28C376; Wed, 4 Mar 2009 07:02:43 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LesYv-0005PI-QC for namedroppers-data0@psg.com; Wed, 04 Mar 2009 14:59:09 +0000 Received: from [208.86.224.201] (helo=mail.yitter.info) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LesYq-0005OW-Nz for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 14:59:07 +0000 Received: from crankycanuck.ca (69-196-144-230.dsl.teksavvy.com [69.196.144.230]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.yitter.info (Postfix) with ESMTPSA id 8D5A02FEA3FA; Wed, 4 Mar 2009 14:59:03 +0000 (UTC) Date: Wed, 4 Mar 2009 09:59:02 -0500 From: Andrew Sullivan To: Tony Finch Cc: ietf@ietf.org, namedroppers@ops.ietf.org Subject: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems Message-ID: <20090304145901.GC6574@shinkuro.com> Reply-To: namedroppers@ops.ietf.org References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.18 (2008-05-17) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: [It seems to me that this discussion needs to happen in dnsext, so I've added a Reply-To header to that effect.] On Wed, Mar 04, 2009 at 02:09:22PM +0000, Tony Finch wrote: > > RFC 3484 needs to be updated to delete this rule May I assume that we'll see your I-D specifying the change as soon as possible, then? (I appreciate that it's a little late for a -00, but maybe after the queue re-opens?) Best regards, A -- Andrew Sullivan ajs@shinkuro.com Shinkuro, Inc. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 07:10:20 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6E2BE28C373; Wed, 4 Mar 2009 07:10:20 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.105 X-Spam-Level: X-Spam-Status: No, score=0.105 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, J_CHICKENPOX_13=0.6, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QSXSE+zGvacX; Wed, 4 Mar 2009 07:10:19 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 8E2FA28C331; Wed, 4 Mar 2009 07:10:18 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lesex-00067W-8v for namedroppers-data0@psg.com; Wed, 04 Mar 2009 15:05:23 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LesdM-0005td-BC for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 15:04:07 +0000 Received: from stora.ogud.com (localhost [127.0.0.1]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n24F3fIV014728 for ; Wed, 4 Mar 2009 10:03:41 -0500 (EST) (envelope-from namedroppers@stora.ogud.com) Received: (from namedroppers@localhost) by stora.ogud.com (8.14.3/8.14.3/Submit) id n24F3fUu014727 for namedroppers@ops.ietf.org; Wed, 4 Mar 2009 10:03:41 -0500 (EST) (envelope-from namedroppers) Received: from [2001:630:d0:f102:21e:c9ff:fe2e:e915] (helo=falcon.ecs.soton.ac.uk) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LesAM-0003J4-Bj for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 14:33:49 +0000 Received: from falcon.ecs.soton.ac.uk (localhost.ecs.soton.ac.uk [127.0.0.1]) by falcon.ecs.soton.ac.uk (8.13.8/8.13.8) with ESMTP id n24EXYCD014995; Wed, 4 Mar 2009 14:33:34 GMT Received: from gander.ecs.soton.ac.uk (gander.ecs.soton.ac.uk [2001:630:d0:f102::25d]) by falcon.ecs.soton.ac.uk (falcon.ecs.soton.ac.uk [2001:630:d0:f102::25e]) envelope-from with ESMTP id l23EXY0955044897Bi ret-id none; Wed, 04 Mar 2009 14:33:34 +0000 Received: from login.ecs.soton.ac.uk (login.ecs.soton.ac.uk [IPv6:2001:630:d0:f102:230:48ff:fe59:5f12]) by gander.ecs.soton.ac.uk (8.13.8/8.13.8) with ESMTP id n24EXQtG002185 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 4 Mar 2009 14:33:26 GMT Received: from login.ecs.soton.ac.uk (localhost.localdomain [127.0.0.1]) by login.ecs.soton.ac.uk (8.13.8/8.11.6) with ESMTP id n24EXQmY028811; Wed, 4 Mar 2009 14:33:26 GMT Received: (from tjc@localhost) by login.ecs.soton.ac.uk (8.13.8/8.13.8/Submit) id n24EXQov028810; Wed, 4 Mar 2009 14:33:26 GMT Date: Wed, 4 Mar 2009 14:33:26 +0000 From: Tim Chown To: Tony Finch Cc: ietf@ietf.org, namedroppers@ops.ietf.org Subject: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems Message-ID: <20090304143326.GM23824@login.ecs.soton.ac.uk> Mail-Followup-To: Tony Finch , ietf@ietf.org, namedroppers@ops.ietf.org References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.2i X-ECS-MailScanner: Found to be clean, Found to be clean X-smtpf-Report: client=relay,white,ipv6; mail=; rcpt= X-ECS-MailScanner-Information: Please contact the ISP for more information X-ECS-MailScanner-ID: n24EXYCD014995 X-ECS-MailScanner-From: tjc@ecs.soton.ac.uk X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: [ Moderators note: Post was moderated, either because it was posted by a non-subscriber, or because it was over 20K. With the massive amount of spam, it is easy to miss and therefore delete relevant posts by non-subscribers. Please fix your subscription addresses. ] On Wed, Mar 04, 2009 at 02:09:22PM +0000, Tony Finch wrote: > It seems that Vista implements RFC 3484 address selection, including the > requirement to sort IP addresses. This breaks a great deal of operational > dependence on DNS-based load balancing, as well as being based on an > incorrect understanding of how IP addresses are allocated. > > RFC 3484 needs to be updated to delete this rule, so that the order > returned from the DNS is honoured when the client has no better knowledge > about which address is appropriate. > > See > http://drplokta.livejournal.com/109267.html > http://www.ietf.org/mail-archive/web/ietf/current/msg51874.html > http://www.ietf.org/mail-archive/web/discuss/current/msg01035.html > http://www.ietf.org/mail-archive/web/dnsop/current/msg05847.html > http://lists.debian.org/debian-ctte/2007/11/msg00029.html The issue is mentioned in: http://www.watersprings.org/pub/id/draft-arifumi-6man-rfc3484-revise-00.txt "2.5. To disable or restrict RFC 3484 Section 6 Rule 9 There was a discussion at v6ops and ietf@ietf.org mailing lists that the rule 9 of the destination address selection has a serious adverse effect on the round robin DNS technique...." However the above has expired. Perhaps Arifumi will issue a new version before the upcoming cutoff. -- Tim -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 07:16:06 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4239928C39B; Wed, 4 Mar 2009 07:16:06 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.582 X-Spam-Level: X-Spam-Status: No, score=-4.582 tagged_above=-999 required=5 tests=[AWL=-1.283, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0aShe19nxl0a; Wed, 4 Mar 2009 07:16:05 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id B402328C399; Wed, 4 Mar 2009 07:16:04 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeslW-0006fh-PG for namedroppers-data0@psg.com; Wed, 04 Mar 2009 15:12:10 +0000 Received: from [131.111.8.137] (helo=ppsw-7.csi.cam.ac.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeslL-0006eD-HD for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 15:12:07 +0000 X-Cam-AntiVirus: no malware found X-Cam-SpamDetails: not scanned X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/ Received: from hermes-2.csi.cam.ac.uk ([131.111.8.54]:37372) by ppsw-7.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.157]:25) with esmtpa (EXTERNAL:fanf2) id 1LeslK-0002VW-PJ (Exim 4.70) (return-path ); Wed, 04 Mar 2009 15:11:58 +0000 Received: from fanf2 (helo=localhost) by hermes-2.csi.cam.ac.uk (hermes.cam.ac.uk) with local-esmtp id 1LeslK-0006FT-Qt (Exim 4.67) (return-path ); Wed, 04 Mar 2009 15:11:58 +0000 Date: Wed, 4 Mar 2009 15:11:58 +0000 From: Tony Finch X-X-Sender: fanf2@hermes-2.csi.cam.ac.uk To: namedroppers@ops.ietf.org cc: ietf@ietf.org Subject: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: <20090304145901.GC6574@shinkuro.com> Message-ID: References: <20090304145901.GC6574@shinkuro.com> User-Agent: Alpine 2.00 (LSU 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Wed, 4 Mar 2009, Andrew Sullivan wrote: > > May I assume that we'll see your I-D specifying the change as soon as > possible, then? (I appreciate that it's a little late for a -00, but > maybe after the queue re-opens?) I'm happy to say that Arifumi's I-D that Tim linked to already addresses this problem, and seems to make a sensible recommendation. I'm upset that it's too late to avoid serious operational pain. http://www.watersprings.org/pub/id/draft-arifumi-6man-rfc3484-revise-00.txt 2.5. To disable or restrict RFC 3484 Section 6 Rule 9 Possible changes to RFC 3484 are as follows: 1. To delete Rule 9 completely. 3. To apply Rule 9 for IPv6 conditionally and not for IPv4. When the length of matching bits of the destination address and the source address is longer than N, the rule 9 is applied. Otherwise, the order of the destination addresses do not change. The N should be configurable and it should be 32 by default. This is simply because the two sites whose matching bit length is longer than 32 are probably adjacent. Now that IPv6 PI address is admitted in some RIRs, hierachical address assignment is not maintained anymore. It seems that the longest matching algorithm is not worth the adverse effect of disalbing the DNS based load balance technique. Therefore, the proposal 1 or 3 seems to be preferable. Tony. -- f.anthony.n.finch http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 07:20:23 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F200128C38A; Wed, 4 Mar 2009 07:20:23 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.645 X-Spam-Level: X-Spam-Status: No, score=-0.645 tagged_above=-999 required=5 tests=[AWL=-0.150, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P-XfLhmHSDTO; Wed, 4 Mar 2009 07:20:23 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 03CE828C372; Wed, 4 Mar 2009 07:20:23 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LesqE-00075B-TK for namedroppers-data0@psg.com; Wed, 04 Mar 2009 15:17:02 +0000 Received: from [217.147.82.63] (helo=mail.avalus.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lesq8-00074T-4E for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 15:16:59 +0000 Received: from [192.168.100.15] (localhost [127.0.0.1]) by mail.avalus.com (Postfix) with ESMTP id 704E3C2DA3; Wed, 4 Mar 2009 15:16:54 +0000 (GMT) Date: Wed, 04 Mar 2009 15:16:18 +0000 From: Alex Bligh Reply-To: Alex Bligh To: Andrew Sullivan , namedroppers@ops.ietf.org cc: Alex Bligh Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-03.txt Message-ID: <4400A8BD1CB0721460C8E259@Ximines.local> In-Reply-To: <20090304141557.GA6574@shinkuro.com> References: <200903032122.n23LMQmb003926@drugs.dv.isc.org> <20090304141557.GA6574@shinkuro.com> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --On 4 March 2009 09:15:57 -0500 Andrew Sullivan wrote: > Remember that MUST is a word that brooks no exceptions. Are you > arguing that, for the cases above, under no circumstances should the > device behave as described? First, as per the message that started the thread, I am more interested in investigating the question as to whether the draft should contain more mandatory elements, so compliance with it means more, rather than pushing a particular line. Second, assuming the answer to that investigation is "yes", then (at least with the four above) I think the answer to your question is "yes, for the device to be compliant". As I said, if the device is not compliant with the resultant RFC, it will still work, the police won't arrive, and it will be compliant with a slew of other RFCs. However, it won't be compliant with this one. Which means that an ISP who asks in tender documents to CPE manufacturers "Is the device RFCnnnn compliant?" will receive the answer no, which in turn puts some more pressure on manufacturers to make it compliant. The point I'm getting at is are we just trying to put together a helpful set of guidelines for CPE manufacturers as to how they should design the DNS part of their equipment (in which case /arguably/ the document is really a BCP), or are we trying to specify a standard which, if a CPE manufacturer wishes to meet it, specifies mandatory behaviour compliance with which is sufficient to guarantee that the purpose of the draft is met. Right now, CPE could meet all six of the 'MUST's and be a complete pig; I suspect it could fail every (or nearly every) of the tests sequence that inspired Roy's draft. It would be interesting to know how many of those CPE tested would be compliant with all 6 MUST requirements (as technically the manufacturer could claim compliance without meeting any of the 'SHOULD's). Alex -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 07:22:27 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6E1F228C396; Wed, 4 Mar 2009 07:22:27 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QSWXxZTH3xKj; Wed, 4 Mar 2009 07:22:26 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 5088828C387; Wed, 4 Mar 2009 07:22:26 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lesqa-00077v-QO for namedroppers-data0@psg.com; Wed, 04 Mar 2009 15:17:24 +0000 Received: from [2001:4f8:3:bb:230:48ff:fe5a:2f38] (helo=nsa.vix.com) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LesqO-00076D-Vf for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 15:17:16 +0000 Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id 475E8A1018; Wed, 4 Mar 2009 15:17:12 +0000 (UTC) (envelope-from vixie@nsa.vix.com) From: Paul Vixie To: Tony Finch cc: ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: Your message of "Wed, 04 Mar 2009 14:09:22 GMT." References: X-Mailer: MH-E 8.1; nil; GNU Emacs 22.2.1 Date: Wed, 04 Mar 2009 15:17:12 +0000 Message-ID: <20563.1236179832@nsa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: i disagree. dns-based load balancing is an unfortunate overloading and should never be done. RFC 3484 is correct as it is. re: > It seems that Vista implements RFC 3484 address selection, including the > requirement to sort IP addresses. This breaks a great deal of operational > dependence on DNS-based load balancing, as well as being based on an > incorrect understanding of how IP addresses are allocated. > > RFC 3484 needs to be updated to delete this rule, so that the order > returned from the DNS is honoured when the client has no better knowledge > about which address is appropriate. > > See > http://drplokta.livejournal.com/109267.html > http://www.ietf.org/mail-archive/web/ietf/current/msg51874.html > http://www.ietf.org/mail-archive/web/discuss/current/msg01035.html > http://www.ietf.org/mail-archive/web/dnsop/current/msg05847.html > http://lists.debian.org/debian-ctte/2007/11/msg00029.html > > Tony. > -- > f.anthony.n.finch http://dotat.at/ > GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. > MODERATE OR GOOD. > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 07:29:59 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 44C413A6C8F; Wed, 4 Mar 2009 07:29:59 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.433 X-Spam-Level: X-Spam-Status: No, score=-0.433 tagged_above=-999 required=5 tests=[AWL=-0.833, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_INFO=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WVyjYVQC2JPB; Wed, 4 Mar 2009 07:29:58 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 752A63A6B8B; Wed, 4 Mar 2009 07:29:58 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lesxk-0007lc-Cq for namedroppers-data0@psg.com; Wed, 04 Mar 2009 15:24:48 +0000 Received: from [208.86.224.201] (helo=mail.yitter.info) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lesxc-0007kq-R2 for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 15:24:45 +0000 Received: from crankycanuck.ca (69-196-144-230.dsl.teksavvy.com [69.196.144.230]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.yitter.info (Postfix) with ESMTPSA id 98C962FEA3FA for ; Wed, 4 Mar 2009 15:24:36 +0000 (UTC) Date: Wed, 4 Mar 2009 10:24:35 -0500 From: Andrew Sullivan To: namedroppers@ops.ietf.org Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-03.txt Message-ID: <20090304152434.GF6574@shinkuro.com> References: <200903032122.n23LMQmb003926@drugs.dv.isc.org> <20090304141557.GA6574@shinkuro.com> <4400A8BD1CB0721460C8E259@Ximines.local> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4400A8BD1CB0721460C8E259@Ximines.local> User-Agent: Mutt/1.5.18 (2008-05-17) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Wed, Mar 04, 2009 at 03:16:18PM +0000, Alex Bligh wrote: > of the tests sequence that inspired Roy's draft. It would be interesting > to know how many of those CPE tested would be compliant with all 6 MUST > requirements (as technically the manufacturer could claim compliance > without meeting any of the 'SHOULD's). [no hat] Not without explaining why they don't meet the SHOULDs, in my reading of RFC 2119. In particular, I think RFC 2119 is perfectly clear that SHOULD does not mean "optional", and it seems that your argument depends on such an understanding of SHOULD. A -- Andrew Sullivan ajs@shinkuro.com Shinkuro, Inc. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 07:33:35 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7B1CC3A6CB7; Wed, 4 Mar 2009 07:33:35 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.499 X-Spam-Level: X-Spam-Status: No, score=-4.499 tagged_above=-999 required=5 tests=[AWL=-1.200, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wI0dWNn7WPrg; Wed, 4 Mar 2009 07:33:34 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 65F0A3A6CB6; Wed, 4 Mar 2009 07:33:34 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Let3X-0008Eq-9I for namedroppers-data0@psg.com; Wed, 04 Mar 2009 15:30:47 +0000 Received: from [131.111.8.130] (helo=ppsw-0.csi.cam.ac.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Let3Q-0008E5-Nc for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 15:30:43 +0000 X-Cam-AntiVirus: no malware found X-Cam-SpamDetails: not scanned X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/ Received: from hermes-2.csi.cam.ac.uk ([131.111.8.54]:42299) by ppsw-0.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.150]:25) with esmtpa (EXTERNAL:fanf2) id 1Let3P-0000nl-0q (Exim 4.70) (return-path ); Wed, 04 Mar 2009 15:30:39 +0000 Received: from fanf2 (helo=localhost) by hermes-2.csi.cam.ac.uk (hermes.cam.ac.uk) with local-esmtp id 1Let3P-00010C-7q (Exim 4.67) (return-path ); Wed, 04 Mar 2009 15:30:39 +0000 Date: Wed, 4 Mar 2009 15:30:39 +0000 From: Tony Finch X-X-Sender: fanf2@hermes-2.csi.cam.ac.uk To: Florian Weimer cc: ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: <824oy94abg.fsf@mid.bfk.de> Message-ID: References: <824oy94abg.fsf@mid.bfk.de> User-Agent: Alpine 2.00 (LSU 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Wed, 4 Mar 2009, Florian Weimer wrote: > > I assume you are referring to IPv4 address sorting. It's also wrong to sort IPv6 addresses by longest matching prefix (unless the match is very long) because IPv6 addresses are also not allocated according to network topology. Tony. -- f.anthony.n.finch http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 07:41:04 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 31F1C3A6CD1; Wed, 4 Mar 2009 07:41:04 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.441 X-Spam-Level: X-Spam-Status: No, score=-4.441 tagged_above=-999 required=5 tests=[AWL=-1.142, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y1it0wpJ47Aj; Wed, 4 Mar 2009 07:41:03 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 9237C3A6CE9; Wed, 4 Mar 2009 07:41:00 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LetA5-0008us-Bl for namedroppers-data0@psg.com; Wed, 04 Mar 2009 15:37:33 +0000 Received: from [131.111.8.130] (helo=ppsw-0.csi.cam.ac.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Let9y-0008uE-80 for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 15:37:29 +0000 X-Cam-AntiVirus: no malware found X-Cam-SpamDetails: not scanned X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/ Received: from hermes-2.csi.cam.ac.uk ([131.111.8.54]:44338) by ppsw-0.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.150]:25) with esmtpa (EXTERNAL:fanf2) id 1Let9w-0007j7-1S (Exim 4.70) (return-path ); Wed, 04 Mar 2009 15:37:24 +0000 Received: from fanf2 (helo=localhost) by hermes-2.csi.cam.ac.uk (hermes.cam.ac.uk) with local-esmtp id 1Let9w-00029w-E3 (Exim 4.67) (return-path ); Wed, 04 Mar 2009 15:37:24 +0000 Date: Wed, 4 Mar 2009 15:37:24 +0000 From: Tony Finch X-X-Sender: fanf2@hermes-2.csi.cam.ac.uk To: Paul Vixie cc: ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: <20563.1236179832@nsa.vix.com> Message-ID: References: <20563.1236179832@nsa.vix.com> User-Agent: Alpine 2.00 (LSU 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Wed, 4 Mar 2009, Paul Vixie wrote: > i disagree. dns-based load balancing is an unfortunate overloading and > should never be done. RFC 3484 is correct as it is. Why is it right for topology-ignorant clients to override topology-aware DNS servers based on wishful thinking about RIR address allocation policies? Tony. -- f.anthony.n.finch http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 08:12:16 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6A3C03A691A; Wed, 4 Mar 2009 08:12:16 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.718 X-Spam-Level: X-Spam-Status: No, score=0.718 tagged_above=-999 required=5 tests=[AWL=-0.310, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, J_CHICKENPOX_23=0.6, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A6odIrwU---w; Wed, 4 Mar 2009 08:12:13 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 51F203A67F5; Wed, 4 Mar 2009 08:12:13 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LetbG-000Bb6-RJ for namedroppers-data0@psg.com; Wed, 04 Mar 2009 16:05:38 +0000 Received: from [209.85.220.164] (helo=mail-fx0-f164.google.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LetbA-000Bas-Me for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 16:05:35 +0000 Received: by fxm8 with SMTP id 8so3037446fxm.41 for ; Wed, 04 Mar 2009 08:05:30 -0800 (PST) MIME-Version: 1.0 Received: by 10.223.107.199 with SMTP id c7mr38835fap.31.1236182730037; Wed, 04 Mar 2009 08:05:30 -0800 (PST) In-Reply-To: <20563.1236179832@nsa.vix.com> References: <20563.1236179832@nsa.vix.com> Date: Wed, 4 Mar 2009 17:05:29 +0100 Message-ID: Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems From: =?UTF-8?B?T25kxZllaiBTdXLDvQ==?= To: Paul Vixie Cc: Tony Finch , ietf@ietf.org, namedroppers@ops.ietf.org Content-Type: multipart/alternative; boundary=001636c5b84d805ae904644d3848 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --001636c5b84d805ae904644d3848 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On Wed, Mar 4, 2009 at 4:17 PM, Paul Vixie wrote: > dns-based load balancing is an unfortunate overloading and > should never be done. Here I agree. > RFC 3484 is correct as it is. Here I don't. The idea behind is good, the implementation is not. Client would have to know BGP path to DA + DB and decide on basis of routing protocol. Selection based on longest matching prefix will work in only very small percent of case, all other cases are based on pure luck. Ondrej. > > It seems that Vista implements RFC 3484 address selection, including the > > requirement to sort IP addresses. This breaks a great deal of operational > > dependence on DNS-based load balancing, as well as being based on an > > incorrect understanding of how IP addresses are allocated. > > > > RFC 3484 needs to be updated to delete this rule, so that the order > > returned from the DNS is honoured when the client has no better knowledge > > about which address is appropriate. > > > > See > > http://drplokta.livejournal.com/109267.html > > http://www.ietf.org/mail-archive/web/ietf/current/msg51874.html > > http://www.ietf.org/mail-archive/web/discuss/current/msg01035.html > > http://www.ietf.org/mail-archive/web/dnsop/current/msg05847.html > > http://lists.debian.org/debian-ctte/2007/11/msg00029.html > > > > Tony. > > -- > > f.anthony.n.finch http://dotat.at/ > > GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY > SHOWERS. > > MODERATE OR GOOD. > > > > -- > > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > > the word 'unsubscribe' in a single line as the message text body. > > archive: > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: > -- Ondrej Sury technicky reditel/Chief Technical Officer ----------------------------------------- CZ.NIC, z.s.p.o. -- .cz domain registry Americka 23,120 00 Praha 2,Czech Republic mailto:ondrej.sury@nic.cz http://nic.cz/ sip:ondrej.sury@nic.cz tel:+420.222745110 mob:+420.739013699 fax:+420.222745112 ----------------------------------------- --001636c5b84d805ae904644d3848 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

On Wed, Mar 4, 2009 at 4:17 PM, Paul Vix= ie <vixie@isc.org= > wrote:
dns-based load balancing is an unfortunate overloading and
should never be done.

Here I agree.
=C2=A0
RFC 3484 is correct= as it is.

Here I don't. The idea behind is good, the implementation is n= ot.
Client would have to know BGP path to DA + DB and decide on
basis= of routing protocol. Selection based on longest matching
prefix will wo= rk in only very small percent of case, all other cases
are based on pure luck.

Ondrej.
=C2=A0
> It seems that Vista implements RF= C 3484 address selection, including the
> requirement to sort IP addresses. This breaks a great deal of operatio= nal
> dependence on DNS-based load balancing, as well as being based on an > incorrect understanding of how IP addresses are allocated.
>
> RFC 3484 needs to be updated to delete this rule, so that the order > returned from the DNS is honoured when the client has no better knowle= dge
> about which address is appropriate.
>
> See
> http://drplokta.livejournal.com/109267.html
> http://www.ietf.org/mail-archive/web/ietf/current/m= sg51874.html
> http://www.ietf.org/mail-archive/web/discuss/cur= rent/msg01035.html
> http://www.ietf.org/mail-archive/web/dnsop/current= /msg05847.html
> http://lists.debian.org/debian-ctte/2007/11/msg00029.html=
>
> Tony.
> --
> f.anthony.n.finch =C2=A0<dot@dotat.= at> =C2=A0http://dota= t.at/
> GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOW= ERS.
> MODERATE OR GOOD.
>
> --
> to unsubscribe send a message to namedroppers-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text bo= dy.
> archive: <http://ops.ietf.org/lists/namedroppers/>

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body. archive: <http://ops.ietf.org/lists/namedroppers/>



--
Ondrej Sur= y
technicky reditel/Chief Technical Officer
-----------------------= ------------------
CZ.NIC, z.s.p.o. =C2=A0-- =C2=A0.cz domain registry<= br> Americka 23,120 00 Praha 2,Czech Republic
mailto:ondrej.sury@nic.cz =C2=A0= http://nic.cz/
sip:ondrej.sury@nic.cz tel:+420.222745110
mob:+4= 20.739013699 =C2=A0 =C2=A0 fax:+420.222745112
-----------------------------------------


--001636c5b84d805ae904644d3848-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From obbyr1.1@aditi.com Wed Mar 4 08:24:27 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AB1C93A6D10 for ; Wed, 4 Mar 2009 08:24:27 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -21.991 X-Spam-Level: X-Spam-Status: No, score=-21.991 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DNS_FROM_RFC_BOGUSMX=1.482, FH_HELO_ALMOST_IP=5.417, FH_HOST_ALMOST_IP=1.889, GB_I_LETTER=-2, HELO_DYNAMIC_DHCP=1.398, HELO_EQ_DSL=1.129, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r4RP6SbK0MP9 for ; Wed, 4 Mar 2009 08:24:21 -0800 (PST) Received: from adsl-211-225-250.asm.bellsouth.net (adsl-211-225-250.asm.bellsouth.net [68.211.225.250]) by core3.amsl.com (Postfix) with SMTP id C00743A6CA4 for ; Wed, 4 Mar 2009 08:23:54 -0800 (PST) To: Subject: Order Shipped -- Order #32806 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090304162355.C00743A6CA4@core3.amsl.com> Date: Wed, 4 Mar 2009 08:23:54 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.movertreat.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://movertreat.com/faq.php

Privacy Statement | Terms & Conditions | Contact

KEYWORD Ltd.
Tower Bridge Business Complex. Unit 2, B788. 788 Clements Road. London. SE54 1DG

© 2006-2008 KEYWORD, Ltd. All Rights Reserved

From owner-namedroppers@ops.ietf.org Wed Mar 4 08:26:22 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E003B3A6CC6; Wed, 4 Mar 2009 08:26:22 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.624 X-Spam-Level: X-Spam-Status: No, score=-0.624 tagged_above=-999 required=5 tests=[AWL=-0.129, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 71B4U-YBmYcn; Wed, 4 Mar 2009 08:26:22 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id D7C773A6B72; Wed, 4 Mar 2009 08:26:21 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Letqo-000Cx8-0P for namedroppers-data0@psg.com; Wed, 04 Mar 2009 16:21:42 +0000 Received: from [217.147.82.63] (helo=mail.avalus.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Letqi-000Cwa-DX for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 16:21:39 +0000 Received: from [192.168.100.15] (localhost [127.0.0.1]) by mail.avalus.com (Postfix) with ESMTP id 74125C2DA3; Wed, 4 Mar 2009 16:21:33 +0000 (GMT) Date: Wed, 04 Mar 2009 16:20:57 +0000 From: Alex Bligh Reply-To: Alex Bligh To: Andrew Sullivan , namedroppers@ops.ietf.org cc: Alex Bligh Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-03.txt Message-ID: In-Reply-To: <20090304152434.GF6574@shinkuro.com> References: <200903032122.n23LMQmb003926@drugs.dv.isc.org> <20090304141557.GA6574@shinkuro.com> <4400A8BD1CB0721460C8E259@Ximines.local> <20090304152434.GF6574@shinkuro.com> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --On 4 March 2009 10:24:35 -0500 Andrew Sullivan wrote: >> of the tests sequence that inspired Roy's draft. It would be interesting >> to know how many of those CPE tested would be compliant with all 6 MUST >> requirements (as technically the manufacturer could claim compliance >> without meeting any of the 'SHOULD's). > > [no hat] > > Not without explaining why they don't meet the SHOULDs, in my reading > of RFC 2119. In particular, I think RFC 2119 is perfectly clear that > SHOULD does not mean "optional", and it seems that your argument > depends on such an understanding of SHOULD. Hang on. RFC2119 says: > 3. SHOULD This word, or the adjective "RECOMMENDED", mean that there > may exist valid reasons in particular circumstances to ignore a > particular item, but the full implications must be understood and > carefully weighed before choosing a different course. So, my understanding is that an CPE vendor who claims to have "carefully weighed" their failure to meet all the SHOULD recommendations could claim compliance. There would be no objective method of disproving compliance. It would be far easier to show whether their hardware did "sensible stuff or not" on a full bench evaluation. But that doesn't give the advantage of being able to accurately specify in a tender document (or whatever) that you want full compliance with (say) each of the 'SHOULD' recommendations in 2119. There isn't a requirement (moral, legal or otherwise) to publicly explain /why/ you don't meet any SHOULD requirements. If your point is "well, SHOULD requirements are just as effective, or nearly as effective, to put on vendor pressure" and that is indeed the case, then that rather surprises me, but there would be no need to change things. If we treat this an an RFC that specifies correct behaviour for CPE, then I think it is indeed the case that with regard to most of the 'SHOULD's in section 4, there are no valid reasons in particular circumstances to ignore that item. Sure, vendors /can/ ignore them, but then their CPE will not be compliant with RFCnnnn. This is nothing new. For instance, RFC3597 says "name servers and resolvers MUST handle RRs of unknown type transparently." (pretty close to one of the "SHOULD"s in section 4). One that doesn't (and there are many) is simply not compliant with RFC3597. Alex -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 08:35:12 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 931CC3A6B3C; Wed, 4 Mar 2009 08:35:12 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.488 X-Spam-Level: X-Spam-Status: No, score=-5.488 tagged_above=-999 required=5 tests=[AWL=-0.740, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aZcPaQQ9cUnN; Wed, 4 Mar 2009 08:35:10 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 030BE3A6B2E; Wed, 4 Mar 2009 08:35:10 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Leu0K-000Dsw-Hr for namedroppers-data0@psg.com; Wed, 04 Mar 2009 16:31:32 +0000 Received: from [192.150.186.11] (helo=fruitcake.ICSI.Berkeley.EDU) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Leu0A-000DsC-3R for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 16:31:24 +0000 Received: from [IPv6:::1] (fruitcake [192.150.186.11]) by fruitcake.ICSI.Berkeley.EDU (8.12.11.20060614/8.12.11) with ESMTP id n24GUcNc024426; Wed, 4 Mar 2009 08:30:39 -0800 (PST) Cc: Nicholas Weaver , Paul Vixie , Tony Finch , ietf@ietf.org, Namedroppers , alto@ietf.org Message-Id: <9DDF93CB-14D8-4A24-9DFD-7C86700BF966@icsi.berkeley.edu> From: Nicholas Weaver To: =?UTF-8?Q?Ond=C5=99ej_Sur=C3=BD?= In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed; delsp=yes Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Apple Message framework v930.3) Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems Date: Wed, 4 Mar 2009 08:31:04 -0800 References: <20563.1236179832@nsa.vix.com> X-Mailer: Apple Mail (2.930.3) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: I've added the ALTO mailing list to this discussion: What it comes down to is you want "localization", not RFC 3484. On Mar 4, 2009, at 8:05 AM, Ond=C5=99ej Sur=C3=BD wrote: > > > On Wed, Mar 4, 2009 at 4:17 PM, Paul Vixie wrote: >> dns-based load balancing is an unfortunate overloading and >> should never be done. > > Here I agree. > >> RFC 3484 is correct as it is. > > Here I don't. The idea behind is good, the implementation is not. > Client would have to know BGP path to DA + DB and decide on > basis of routing protocol. Selection based on longest matching > prefix will work in only very small percent of case, all other cases > are based on pure luck. If a localization service is available, querying it to get the "Best =20 match" would be most appropriate. the ALTO group in the IETF is =20 looking at such issues, primarily with respect to P2P, but elsewhere =20 as well [1]. In the absence of localization, probably the best is "If prefix is =20 almost identical, use it, otherwise select random", because address is =20= almost irelevent for localization beyond the current network these =20 days, but having the standard specify "select randomly" has some =20 general benefits when localization is not available. [1] In retrospect, I take back my comment about "should focus on P2P", =20= localization may very well indeed be a more generic primitive.= -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 08:41:57 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D727A3A6B14; Wed, 4 Mar 2009 08:41:57 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.536 X-Spam-Level: X-Spam-Status: No, score=-0.536 tagged_above=-999 required=5 tests=[AWL=-0.041, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X2IR-P1i+J8f; Wed, 4 Mar 2009 08:41:57 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 096FB3A6A66; Wed, 4 Mar 2009 08:41:57 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Leu71-000EZ1-Jv for namedroppers-data0@psg.com; Wed, 04 Mar 2009 16:38:27 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Leu6q-000EWZ-Vr for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 16:38:19 +0000 Received: from [10.31.200.116] (ns.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n24GcBmA016164; Wed, 4 Mar 2009 11:38:11 -0500 (EST) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <20563.1236179832@nsa.vix.com> References: <20563.1236179832@nsa.vix.com> Date: Wed, 4 Mar 2009 11:32:45 -0500 To: namedroppers@ops.ietf.org From: Edward Lewis Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems Cc: ed.lewis@neustar.biz Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: At 15:17 +0000 3/4/09, Paul Vixie wrote: >i disagree. dns-based load balancing is an unfortunate overloading and >should never be done. FWIW (since someone else mentioned it), I agree with that. >RFC 3484 is correct as it is. I don't have an informed opinion on that. Whatever the outcome on the issue is, please don't justify it by saying the result "preserves DNS load balancing." -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Never confuse activity with progress. Activity pays more. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 08:52:22 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 65FD23A6B53; Wed, 4 Mar 2009 08:52:22 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.123 X-Spam-Level: X-Spam-Status: No, score=-4.123 tagged_above=-999 required=5 tests=[AWL=-0.825, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M1fWTgHT+NTw; Wed, 4 Mar 2009 08:52:21 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 0ED1D3A6AE5; Wed, 4 Mar 2009 08:52:21 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeuHd-000FjW-S8 for namedroppers-data0@psg.com; Wed, 04 Mar 2009 16:49:25 +0000 Received: from [213.248.199.24] (helo=mx4.nominet.org.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeuHY-000Fiq-5V for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 16:49:22 +0000 DomainKey-Signature: s=main.dk.nominet.selector; d=nominet.org.uk; c=nofws; q=dns; h=X-IronPort-AV:Received:In-Reply-To:References:To:Cc: Subject:MIME-Version:X-Mailer:Message-ID:From:Date: X-MIMETrack:Content-Type; b=1O6PW9nAhrC3ZhTSDpZng/g3fYxcd8dDCobVDoCvfoM0wfc22GOMP7TU V0jhLzeA/0JRhcSLKhN8sBW2JNcCmgLmuRKx5iFdi3sRHnFSuSspFFsQK ribdut3X1UW3Oeh; DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nominet.org.uk; i=Ray.Bellis@nominet.org.uk; q=dns/txt; s=main.dkim.nominet.selector; t=1236185360; x=1267721360; h=from:sender:reply-to:subject:date:message-id:to:cc: mime-version:content-transfer-encoding:content-id: content-description:resent-date:resent-from:resent-sender: resent-to:resent-cc:resent-message-id:in-reply-to: references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:list-owner:list-archive; z=From:=20Ray.Bellis@nominet.org.uk|Subject:=20Re:=20[dnse xt]=20I-D=20Action:draft-ietf-dnsext-dnsproxy-03.txt |Date:=20Wed,=204=20Mar=202009=2016:49:17=20+0000 |Message-ID:=20|To:=20Alex=20Bligh=20|Cc:=20namedroppers@ops.ietf.org |MIME-Version:=201.0|In-Reply-To:=20|References:=20<200903032122.n23LMQmb0 03926@drugs.dv.isc.org>=20=20<20090304141557.GA6574@shinkuro.com>=20<4400A 8BD1CB0721460C8E259@Ximines.local>=20<20090304152434.GF65 74@shinkuro.com>=20; bh=ggl+hSS29rqLiZWLMpz18g+LViJ4d3VYZf7swrb7WGM=; b=BhCInYLW6wkJ7YwgISrhvpVC8UPyI40Z+G6I/zabJdURK6O9h0jQM9rO CflZvR1/69/Ga4NhPSJ+L+ZG5vs8E3gkASkJb7LpffLdqt1HgJ94emT8H wpiA1L9dnGOIK27; X-IronPort-AV: E=Sophos;i="4.38,301,1233532800"; d="scan'208";a="8815666" Received: from notes1.nominet.org.uk ([213.248.197.128]) by mx4.nominet.org.uk with ESMTP; 04 Mar 2009 16:49:18 +0000 In-Reply-To: References: <200903032122.n23LMQmb003926@drugs.dv.isc.org> <20090304141557.GA6574@shinkuro.com> <4400A8BD1CB0721460C8E259@Ximines.local> <20090304152434.GF6574@shinkuro.com> To: Alex Bligh Cc: namedroppers@ops.ietf.org Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-03.txt MIME-Version: 1.0 X-Mailer: Lotus Notes Build V85_M2_08202008 August 20, 2008 Message-ID: From: Ray.Bellis@nominet.org.uk Date: Wed, 4 Mar 2009 16:49:17 +0000 X-MIMETrack: Serialize by Router on notes1/Nominet(Release 7.0.1FP1 | May 25, 2006) at 04/03/2009 04:49:17 PM, Serialize complete at 04/03/2009 04:49:17 PM Content-Type: multipart/alternative; boundary="=_alternative 005C67168025756F_=" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: This is a multipart message in MIME format. --=_alternative 005C67168025756F_= Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: quoted-printable > If we treat this an an RFC that specifies correct behaviour for CPE, > then I think it is indeed the case that with regard to most of the > 'SHOULD's in section 4, there are no valid reasons in particular > circumstances to ignore that item. Sure, vendors /can/ ignore > them, but then their CPE will not be compliant with RFCnnnn. This is > nothing new. For instance, RFC3597 says "name servers and resolvers > MUST handle RRs of unknown type transparently." (pretty close to one > of the "SHOULD"s in section 4). One that doesn't (and there are many) > is simply not compliant with RFC3597. Alex, The intent of the draft is *not* to proscribe behaviour that is not=20 otherwise mandated elsewhere. As per the title, these are "guidelines",=20 they are not "rules". If there are mismatches in requirements language between RFCs that I've=20 cited and the draft then I believe those should be corrected. The TKEY=20 paragraph in =A74.5 appears to be one such case - I'm not aware of any=20 others. cheers, Ray --=_alternative 005C67168025756F_= Content-Type: text/html; charset="ISO-8859-1" Content-Transfer-Encoding: quoted-printable
> If we treat this an an RFC that specifies correct behaviour for CPE, > then I think it is indeed the case that with regard to most of the
> 'SHOULD's in section 4, there are no valid reasons in particular
> circumstances to ignore that item. Sure, vendors /can/ ignore
> them, but then their CPE will not be compliant with RFCnnnn. This is
> nothing new. For instance, RFC3597 says "name servers and resolve= rs
> MUST handle RRs of unknown type transparently." (pretty close to one
> of the "SHOULD"s in section 4). One that doesn't (and there are many)
> is simply not compliant with RFC3597.
Alex,

The intent of the draft is *not* to proscribe behavi= our that is not otherwise mandated elsewhere.  As per the title, these are "guidelines", they are not "rules".

If there are mismatches in requirements language bet= ween RFCs that I've cited and the draft then I believe those should be corrected.  The TKEY paragraph in =A74.5 appears to be one such case - I'm not aware of any others.

cheers,

Ray




--=_alternative 005C67168025756F_=-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 09:01:58 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6C1513A6CBB; Wed, 4 Mar 2009 09:01:58 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.608 X-Spam-Level: X-Spam-Status: No, score=-0.608 tagged_above=-999 required=5 tests=[AWL=-0.113, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HfG4spME+8wT; Wed, 4 Mar 2009 09:01:57 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 96C3D3A6CB0; Wed, 4 Mar 2009 09:01:57 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeuRA-000Gam-4X for namedroppers-data0@psg.com; Wed, 04 Mar 2009 16:59:16 +0000 Received: from [217.147.82.63] (helo=mail.avalus.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeuR4-000GZu-9j for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 16:59:13 +0000 Received: from [192.168.100.15] (localhost [127.0.0.1]) by mail.avalus.com (Postfix) with ESMTP id 0696FC2DA3; Wed, 4 Mar 2009 16:59:08 +0000 (GMT) Date: Wed, 04 Mar 2009 16:58:33 +0000 From: Alex Bligh Reply-To: Alex Bligh To: Ray.Bellis@nominet.org.uk cc: namedroppers@ops.ietf.org, Alex Bligh Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-03.txt Message-ID: In-Reply-To: References: <200903032122.n23LMQmb003926@drugs.dv.isc.org> <20090304141557.GA6574@shinkuro.com> <4400A8BD1CB0721460C8E259@Ximines.local> <20090304152434.GF6574@shinkuro.com> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --On 4 March 2009 16:49:17 +0000 Ray.Bellis@nominet.org.uk wrote: > The intent of the draft is *not* to proscribe behaviour that is not > otherwise mandated elsewhere. As per the title, these are "guidelines", > they are not "rules". Well, if that is to remain the intent of the draft, then no changes need to be made (apart from the inconsistency with the quoted RFC that I pointed out). I was just wondering whether it was worth repurposing your excellent draft to be a standard-defining document, but it appears there is a distinct lack of support for this. Alex -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 09:03:38 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 638F33A6AA2; Wed, 4 Mar 2009 09:03:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VHXLn9v2QTWE; Wed, 4 Mar 2009 09:03:37 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 8EF623A68AD; Wed, 4 Mar 2009 09:03:37 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeuQV-000GWK-CT for namedroppers-data0@psg.com; Wed, 04 Mar 2009 16:58:35 +0000 Received: from [2001:4f8:3:bb:230:48ff:fe5a:2f38] (helo=nsa.vix.com) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeuQP-000GVh-A9 for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 16:58:32 +0000 Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id CAC49A1018; Wed, 4 Mar 2009 16:58:28 +0000 (UTC) (envelope-from vixie@nsa.vix.com) From: Paul Vixie To: Tony Finch cc: namedroppers@ops.ietf.org, ietf@ietf.org Subject: Re: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: Your message of "Wed, 04 Mar 2009 15:11:58 GMT." References: <20090304145901.GC6574@shinkuro.com> X-Mailer: MH-E 8.1; nil; GNU Emacs 22.2.1 Date: Wed, 04 Mar 2009 16:58:28 +0000 Message-ID: <25201.1236185908@nsa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > Now that IPv6 PI address is admitted in some RIRs, hierachical > address assignment is not maintained anymore. It seems that the > longest matching algorithm is not worth the adverse effect of > disalbing the DNS based load balance technique. Therefore, the > proposal 1 or 3 seems to be preferable. dns has never guaranteed or preserved ordering within rrsets. any dns load balancing technique that assumes this will happen is wrongheaded. you'll see roundrobin and lifo, among others, in many caches including stub caches. on the flip side, if a client thinks it can do something useful with ordering, it should not be discouraged from trying. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 09:04:46 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7B5623A6CC6; Wed, 4 Mar 2009 09:04:46 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.848 X-Spam-Level: X-Spam-Status: No, score=-3.848 tagged_above=-999 required=5 tests=[AWL=-0.550, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 01pYSJ+gEbh0; Wed, 4 Mar 2009 09:04:45 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 5D87E3A6B59; Wed, 4 Mar 2009 09:04:45 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeuUA-000GtK-MH for namedroppers-data0@psg.com; Wed, 04 Mar 2009 17:02:22 +0000 Received: from [213.248.199.23] (helo=mx3.nominet.org.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeuU5-000Gsx-Tu for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 17:02:20 +0000 DomainKey-Signature: s=main.dk.nominet.selector; d=nominet.org.uk; c=nofws; q=dns; h=X-IronPort-AV:Received:In-Reply-To:References:To:Cc: Subject:MIME-Version:X-Mailer:Message-ID:From:Date: X-MIMETrack:Content-Type; b=bgfkW8E85oTZyihG4mYIHog0ISFIYY563mMhPRGZaXaXxNJesnn/2zzC HrAE81W7ydE34EjETMbJlAHhtxEyJ1KvihxE44EzclBkS10MWog6w+eIF yOn7LZS60rmcJyF; DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nominet.org.uk; i=Ray.Bellis@nominet.org.uk; q=dns/txt; s=main.dkim.nominet.selector; t=1236186137; x=1267722137; h=from:sender:reply-to:subject:date:message-id:to:cc: mime-version:content-transfer-encoding:content-id: content-description:resent-date:resent-from:resent-sender: resent-to:resent-cc:resent-message-id:in-reply-to: references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:list-owner:list-archive; z=From:=20Ray.Bellis@nominet.org.uk|Subject:=20Re:=20[dnse xt]=20I-D=20Action:draft-ietf-dnsext-dnsproxy-03.txt |Date:=20Wed,=204=20Mar=202009=2017:02:15=20+0000 |Message-ID:=20|To:=20Alex=20Bligh=20|Cc:=20namedroppers@ops.ietf.org |MIME-Version:=201.0|In-Reply-To:=20|References:=20<200903032122.n23LMQmb0 03926@drugs.dv.isc.org>=20=20<20090304141557.GA6574@shinkuro.com>=20<4400A 8BD1CB0721460C8E259@Ximines.local>=20<20090304152434.GF65 74@shinkuro.com>=20=20=20; bh=sngbxVCfNbaWf94KGMBeyx+6UDqkT7dLKzmfkkBAgv8=; b=VvdjOVnM9enMbadYAICXKfrmAzLOF8UGfmcupybeaU7NvQv9TdffFZEQ 8OeNJ3oZ+qt8zSmRn1evNLCoKhqnCUtISpMaHMZORtwTUdeWuPc18EH8o ghJ55b43QfCBAEO; X-IronPort-AV: E=Sophos;i="4.38,301,1233532800"; d="scan'208";a="11812523" Received: from notes1.nominet.org.uk ([213.248.197.128]) by mx3.nominet.org.uk with ESMTP; 04 Mar 2009 17:02:16 +0000 In-Reply-To: References: <200903032122.n23LMQmb003926@drugs.dv.isc.org> <20090304141557.GA6574@shinkuro.com> <4400A8BD1CB0721460C8E259@Ximines.local> <20090304152434.GF6574@shinkuro.com> To: Alex Bligh Cc: namedroppers@ops.ietf.org Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnsproxy-03.txt MIME-Version: 1.0 X-Mailer: Lotus Notes Build V85_M2_08202008 August 20, 2008 Message-ID: From: Ray.Bellis@nominet.org.uk Date: Wed, 4 Mar 2009 17:02:15 +0000 X-MIMETrack: Serialize by Router on notes1/Nominet(Release 7.0.1FP1 | May 25, 2006) at 04/03/2009 05:02:16 PM, Serialize complete at 04/03/2009 05:02:16 PM Content-Type: multipart/alternative; boundary="=_alternative 005D974A8025756F_=" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: This is a multipart message in MIME format. --=_alternative 005D974A8025756F_= Content-Type: text/plain; charset="US-ASCII" > Well, if that is to remain the intent of the draft, then no changes > need to be made (apart from the inconsistency with the quoted RFC > that I pointed out). I was just wondering whether it was worth > repurposing your excellent draft to be a standard-defining document, > but it appears there is a distinct lack of support for this. I think possibly a separate draft updating RFC 1035 that specifically deprecates the 512 byte limit and mandates EDNS0 support might be of use. However I'd like this current draft to be published before the end of the decade ;-) cheers, Ray --=_alternative 005D974A8025756F_= Content-Type: text/html; charset="US-ASCII"  
> Well, if that is to remain the intent of the draft, then no changes
> need to be made (apart from the inconsistency with the quoted RFC
> that I pointed out). I was just wondering whether it was worth
> repurposing your excellent draft to be a standard-defining document,
> but it appears there is a distinct lack of support for this.
I think possibly a separate draft updating RFC 1035 that specifically deprecates the 512 byte limit and mandates EDNS0 support might be of use.

However I'd like this current draft to be published before the end of the decade ;-)

cheers,

Ray
--=_alternative 005D974A8025756F_=-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 09:09:52 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 52B9128C383; Wed, 4 Mar 2009 09:09:52 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.399 X-Spam-Level: X-Spam-Status: No, score=-4.399 tagged_above=-999 required=5 tests=[AWL=-1.100, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id urJjCq8ixgO0; Wed, 4 Mar 2009 09:09:51 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 618AF28C366; Wed, 4 Mar 2009 09:09:51 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeuYJ-000HG5-74 for namedroppers-data0@psg.com; Wed, 04 Mar 2009 17:06:39 +0000 Received: from [131.111.8.136] (helo=ppsw-6.csi.cam.ac.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeuY4-000HDv-Vu for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 17:06:32 +0000 X-Cam-AntiVirus: no malware found X-Cam-SpamDetails: not scanned X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/ Received: from hermes-2.csi.cam.ac.uk ([131.111.8.54]:32979) by ppsw-6.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.156]:25) with esmtpa (EXTERNAL:fanf2) id 1LeuY4-00025O-KQ (Exim 4.70) (return-path ); Wed, 04 Mar 2009 17:06:24 +0000 Received: from fanf2 (helo=localhost) by hermes-2.csi.cam.ac.uk (hermes.cam.ac.uk) with local-esmtp id 1LeuY4-0000Xx-AL (Exim 4.67) (return-path ); Wed, 04 Mar 2009 17:06:24 +0000 Date: Wed, 4 Mar 2009 17:06:24 +0000 From: Tony Finch X-X-Sender: fanf2@hermes-2.csi.cam.ac.uk To: Paul Vixie cc: namedroppers@ops.ietf.org, ietf@ietf.org Subject: Re: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: <25201.1236185908@nsa.vix.com> Message-ID: References: <20090304145901.GC6574@shinkuro.com> <25201.1236185908@nsa.vix.com> User-Agent: Alpine 2.00 (LSU 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Wed, 4 Mar 2009, Paul Vixie wrote: > > you'll see roundrobin and lifo, among others, in many caches including > stub caches. Large numbers of sites have been depending on this behaviour for over 15 years, so it was wrong of RFC 3484 to break it. Tony. -- f.anthony.n.finch http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 09:15:56 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7D60A28C1AC; Wed, 4 Mar 2009 09:15:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yr9kRzJvjPrY; Wed, 4 Mar 2009 09:15:55 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 79B0A3A6D0A; Wed, 4 Mar 2009 09:15:55 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeudR-000I28-RJ for namedroppers-data0@psg.com; Wed, 04 Mar 2009 17:11:57 +0000 Received: from [2001:4f8:3:bb:230:48ff:fe5a:2f38] (helo=nsa.vix.com) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeudI-000I0k-7u for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 17:11:50 +0000 Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id D7E82A1017; Wed, 4 Mar 2009 17:11:47 +0000 (UTC) (envelope-from vixie@nsa.vix.com) From: Paul Vixie To: Tony Finch cc: ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: Your message of "Wed, 04 Mar 2009 15:37:24 GMT." References: <20563.1236179832@nsa.vix.com> X-Mailer: MH-E 8.1; nil; GNU Emacs 22.2.1 Date: Wed, 04 Mar 2009 17:11:47 +0000 Message-ID: <25914.1236186707@nsa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > > i disagree. dns-based load balancing is an unfortunate overloading and > > should never be done. RFC 3484 is correct as it is. > > Why is it right for topology-ignorant clients to override topology-aware > DNS servers based on wishful thinking about RIR address allocation > policies? neither a client or a server can be guaranteed topology-aware. dns leaves ordering deliberately undefined and encourages applications to use their own best judgement. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 09:19:15 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C61203A6CB0; Wed, 4 Mar 2009 09:19:15 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.367 X-Spam-Level: X-Spam-Status: No, score=-4.367 tagged_above=-999 required=5 tests=[AWL=-1.068, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C4I6I2z-fr68; Wed, 4 Mar 2009 09:19:14 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id EA46628C3B4; Wed, 4 Mar 2009 09:19:04 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeufY-000IJS-RT for namedroppers-data0@psg.com; Wed, 04 Mar 2009 17:14:08 +0000 Received: from [131.111.8.137] (helo=ppsw-7.csi.cam.ac.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeufP-000IHT-GV for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 17:14:06 +0000 X-Cam-AntiVirus: no malware found X-Cam-SpamDetails: not scanned X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/ Received: from hermes-2.csi.cam.ac.uk ([131.111.8.54]:59964) by ppsw-7.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.157]:25) with esmtpa (EXTERNAL:fanf2) id 1LeufN-000383-P8 (Exim 4.70) (return-path ); Wed, 04 Mar 2009 17:13:57 +0000 Received: from fanf2 (helo=localhost) by hermes-2.csi.cam.ac.uk (hermes.cam.ac.uk) with local-esmtp id 1LeufN-0001mw-P4 (Exim 4.67) (return-path ); Wed, 04 Mar 2009 17:13:57 +0000 Date: Wed, 4 Mar 2009 17:13:57 +0000 From: Tony Finch X-X-Sender: fanf2@hermes-2.csi.cam.ac.uk To: Paul Vixie cc: ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: <25914.1236186707@nsa.vix.com> Message-ID: References: <20563.1236179832@nsa.vix.com> <25914.1236186707@nsa.vix.com> User-Agent: Alpine 2.00 (LSU 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Wed, 4 Mar 2009, Paul Vixie wrote: > > neither a client or a server can be guaranteed topology-aware. dns leaves > ordering deliberately undefined and encourages applications to use their > own best judgement. Rule 9 kicks in when the client has no topology information, which is why it is broken. Tony. -- f.anthony.n.finch http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 09:25:11 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4833B28C3CC; Wed, 4 Mar 2009 09:25:10 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -109.547 X-Spam-Level: X-Spam-Status: No, score=-109.547 tagged_above=-999 required=5 tests=[AWL=-1.052, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_HI=-8, RDNS_NONE=0.1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yh0ksSJb21aO; Wed, 4 Mar 2009 09:25:07 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 7699628C3B9; Wed, 4 Mar 2009 09:25:04 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Leun4-000JGH-AX for namedroppers-data0@psg.com; Wed, 04 Mar 2009 17:21:54 +0000 Received: from [131.107.115.215] (helo=smtp.microsoft.com) by psg.com with esmtps (TLSv1:RC4-MD5:128) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Leumy-000JFD-A9 for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 17:21:51 +0000 Received: from TK5-EXHUB-C101.redmond.corp.microsoft.com (157.54.18.48) by TK5-EXGWY-E802.partners.extranet.microsoft.com (10.251.56.168) with Microsoft SMTP Server (TLS) id 8.2.99.4; Wed, 4 Mar 2009 09:21:47 -0800 Received: from tk5-exmlt-w602.wingroup.windeploy.ntdev.microsoft.com (157.54.18.33) by TK5-EXHUB-C101.redmond.corp.microsoft.com (157.54.18.48) with Microsoft SMTP Server id 8.2.99.4; Wed, 4 Mar 2009 09:21:47 -0800 Received: from NA-EXMSG-W601.wingroup.windeploy.ntdev.microsoft.com ([fe80::8de9:51a2:cd62:f122]) by tk5-exmlt-w602.wingroup.windeploy.ntdev.microsoft.com ([157.54.18.33]) with mapi; Wed, 4 Mar 2009 09:23:47 -0800 From: Christian Huitema To: Tony Finch , Paul Vixie CC: "namedroppers@ops.ietf.org" , "ietf@ietf.org" Date: Wed, 4 Mar 2009 09:21:46 -0800 Subject: RE: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems Thread-Topic: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems Thread-Index: Acmc33+LuJO1NMCUQkOI8M8tbsaArgADYabA Message-ID: <8EFB68EAE061884A8517F2A755E8B60A1CB2DFD5C2@NA-EXMSG-W601.wingroup.windeploy.ntdev.microsoft.com> References: <20563.1236179832@nsa.vix.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > > i disagree. dns-based load balancing is an unfortunate overloading > and > > should never be done. RFC 3484 is correct as it is. > > Why is it right for topology-ignorant clients to override topology- > aware > DNS servers based on wishful thinking about RIR address allocation > policies? The order of records in a DNS response is, at best, a hint. Relying on it a= s if it were a mandate to clients is a gamble. It is quite legitimate for c= lients to consider the entire list of addresses and try to pick the best on= es, based on their knowledge of topology. We may argue whether the specific= algorithm in RFC 3484 is the correct one, and I hope that future clients w= ill implement something smarter than prefix matching. But if service operat= ors want to balance load on their servers, they need to consider something = a bit more sophisticated than merely reordering the records in the DNS resp= onse... -- Christian Huitema -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 09:34:20 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7FF4E28C41A; Wed, 4 Mar 2009 09:34:20 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.634 X-Spam-Level: X-Spam-Status: No, score=-0.634 tagged_above=-999 required=5 tests=[AWL=-0.139, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VV76zoRFE6Rn; Wed, 4 Mar 2009 09:34:19 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 9E4D328C421; Wed, 4 Mar 2009 09:34:11 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Leutz-000K54-Ed for namedroppers-data0@psg.com; Wed, 04 Mar 2009 17:29:03 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Leutt-000K47-V3 for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 17:29:00 +0000 Received: from [10.31.200.116] (mail.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n24HSlR9016974; Wed, 4 Mar 2009 12:28:48 -0500 (EST) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <20090304145901.GC6574@shinkuro.com> <25201.1236185908@nsa.vix.com> Date: Wed, 4 Mar 2009 12:28:30 -0500 To: Tony Finch From: Edward Lewis Subject: Re: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems Cc: namedroppers@ops.ietf.org, ed.lewis@neustar.biz Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: At 17:06 +0000 3/4/09, Tony Finch wrote: >Large numbers of sites have been depending on this behaviour for over 15 >years, so it was wrong of RFC 3484 to break it. That may be true, but not because DNS-assisted load balancing is a good thing. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Never confuse activity with progress. Activity pays more. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 09:57:28 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A60973A6AAA; Wed, 4 Mar 2009 09:57:28 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.25 X-Spam-Level: X-Spam-Status: No, score=0.25 tagged_above=-999 required=5 tests=[AWL=-0.500, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TDgNcMWJzG0x; Wed, 4 Mar 2009 09:57:27 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 995C63A698F; Wed, 4 Mar 2009 09:57:27 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LevGL-000MUs-N6 for namedroppers-data0@psg.com; Wed, 04 Mar 2009 17:52:09 +0000 Received: from [193.227.124.2] (helo=mx01.bfk.de) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LevGG-000MU7-AK for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 17:52:06 +0000 Received: from mx00.int.bfk.de ([10.119.110.2]) by mx01.bfk.de with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32) id 1LevFk-0003kf-HX; Wed, 04 Mar 2009 18:51:32 +0100 Received: from fweimer by bfk.de with local id 1LevFz-0003BP-IE; Wed, 04 Mar 2009 18:51:47 +0100 To: Paul Vixie Cc: Tony Finch , ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems References: <20563.1236179832@nsa.vix.com> <25914.1236186707@nsa.vix.com> From: Florian Weimer Date: Wed, 04 Mar 2009 18:51:45 +0100 In-Reply-To: <25914.1236186707@nsa.vix.com> (Paul Vixie's message of "Wed, 04 Mar 2009 17:11:47 +0000") Message-ID: <82d4cx18i6.fsf@mid.bfk.de> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: * Paul Vixie: > neither a client or a server can be guaranteed topology-aware. dns leaves > ordering deliberately undefined and encourages applications to use their > own best judgement. The "leaves undefined" part is at odds with your previous statement that RFC 3484 is correct. It is compliant with the rest of the protocol zoo, but the order of records, as seen by applications, is no longer undefined. --=20 Florian Weimer BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstra=DFe 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 10:04:37 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A3B833A6CC9; Wed, 4 Mar 2009 10:04:37 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.263 X-Spam-Level: X-Spam-Status: No, score=-4.263 tagged_above=-999 required=5 tests=[AWL=0.232, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KlcdwhfC+NnP; Wed, 4 Mar 2009 10:04:37 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id CE3DC28C431; Wed, 4 Mar 2009 10:04:09 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LevOc-000NZ2-U6 for namedroppers-data0@psg.com; Wed, 04 Mar 2009 18:00:42 +0000 Received: from [198.32.6.68] (helo=vacation.karoshi.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LevOW-000NYf-R5 for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 18:00:39 +0000 Received: from karoshi.com (localhost.localdomain [127.0.0.1]) by vacation.karoshi.com (8.12.8/8.12.8) with ESMTP id n24Hvqff024285; Wed, 4 Mar 2009 17:57:52 GMT Received: (from bmanning@localhost) by karoshi.com (8.12.8/8.12.8/Submit) id n24HvmVi024283; Wed, 4 Mar 2009 17:57:48 GMT Date: Wed, 4 Mar 2009 17:57:48 +0000 From: bmanning@vacation.karoshi.com To: Paul Vixie Cc: Tony Finch , ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems Message-ID: <20090304175748.GB24212@vacation.karoshi.com.> References: <20563.1236179832@nsa.vix.com> <25914.1236186707@nsa.vix.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <25914.1236186707@nsa.vix.com> User-Agent: Mutt/1.4.1i Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Wed, Mar 04, 2009 at 05:11:47PM +0000, Paul Vixie wrote: > > > i disagree. dns-based load balancing is an unfortunate overloading and > > > should never be done. RFC 3484 is correct as it is. > > > > Why is it right for topology-ignorant clients to override topology-aware > > DNS servers based on wishful thinking about RIR address allocation > > policies? > > neither a client or a server can be guaranteed topology-aware. dns leaves > ordering deliberately undefined and encourages applications to use their > own best judgement. > DNSSEC does reorder RRSets within a zone. Which is a new feature. --bill -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 10:04:41 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 18D9A28C428; Wed, 4 Mar 2009 10:04:41 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.188 X-Spam-Level: X-Spam-Status: No, score=0.188 tagged_above=-999 required=5 tests=[AWL=-0.562, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jlQZ6rQdMlRj; Wed, 4 Mar 2009 10:04:40 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id AAA7D28C437; Wed, 4 Mar 2009 10:04:17 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LevPV-000NfT-Hd for namedroppers-data0@psg.com; Wed, 04 Mar 2009 18:01:37 +0000 Received: from [193.227.124.2] (helo=mx01.bfk.de) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LevPQ-000Ney-48 for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 18:01:34 +0000 Received: from mx00.int.bfk.de ([10.119.110.2]) by mx01.bfk.de with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32) id 1LevP0-0004bs-2R; Wed, 04 Mar 2009 19:01:06 +0100 Received: from fweimer by bfk.de with local id 1LevPF-0000JG-0W; Wed, 04 Mar 2009 19:01:21 +0100 To: Christian Huitema Cc: Tony Finch , Paul Vixie , "namedroppers@ops.ietf.org" , "ietf@ietf.org" Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems References: <20563.1236179832@nsa.vix.com> <8EFB68EAE061884A8517F2A755E8B60A1CB2DFD5C2@NA-EXMSG-W601.wingroup.windeploy.ntdev.microsoft.com> From: Florian Weimer Date: Wed, 04 Mar 2009 19:01:20 +0100 In-Reply-To: <8EFB68EAE061884A8517F2A755E8B60A1CB2DFD5C2@NA-EXMSG-W601.wingroup.windeploy.ntdev.microsoft.com> (Christian Huitema's message of "Wed, 4 Mar 2009 09:21:46 -0800") Message-ID: <828wnl1827.fsf@mid.bfk.de> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: * Christian Huitema: > The order of5C records in a DNS response is, at best, a > hint. Relying on it as if it were a mandate to clients is a gamble. When you run RRset-based load balancing, you don't rely on servers preserving order, or reordering responses. It is completely sufficient that there is a certain amount of variation among resolver and application address selection. It has been repeatedly and independently observed that Rule 9 does not provide sufficient variance, in contrast to previous behavior. Rule 9 is also unfortunate because it means that after renumbering, server loads change in ways the operator cannot influence (except by requesting addresses with certain bit patterns, but I don't think anybody wants vanity IP addresses). --=20 Florian Weimer BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstra=DFe 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 10:24:35 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E02693A6CB0; Wed, 4 Mar 2009 10:24:35 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.664 X-Spam-Level: X-Spam-Status: No, score=0.664 tagged_above=-999 required=5 tests=[AWL=-0.364, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, J_CHICKENPOX_23=0.6, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RhIj5NgST4D4; Wed, 4 Mar 2009 10:24:34 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id BE0073A6C87; Wed, 4 Mar 2009 10:24:33 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LevhT-000PYj-Tf for namedroppers-data0@psg.com; Wed, 04 Mar 2009 18:20:11 +0000 Received: from [209.85.218.157] (helo=mail-bw0-f157.google.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LevhN-000PXG-5M for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 18:20:09 +0000 Received: by bwz1 with SMTP id 1so106743bwz.41 for ; Wed, 04 Mar 2009 10:20:03 -0800 (PST) MIME-Version: 1.0 Received: by 10.223.122.15 with SMTP id j15mr164402far.10.1236190802878; Wed, 04 Mar 2009 10:20:02 -0800 (PST) In-Reply-To: <20090304175748.GB24212@vacation.karoshi.com.> References: <20563.1236179832@nsa.vix.com> <25914.1236186707@nsa.vix.com> <20090304175748.GB24212@vacation.karoshi.com.> Date: Wed, 4 Mar 2009 19:20:02 +0100 Message-ID: Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems From: =?UTF-8?B?T25kxZllaiBTdXLDvQ==?= To: bmanning@vacation.karoshi.com Cc: Paul Vixie , Tony Finch , ietf@ietf.org, namedroppers@ops.ietf.org Content-Type: multipart/alternative; boundary=001636c5a723ae222004644f199a Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --001636c5a723ae222004644f199a Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On Wed, Mar 4, 2009 at 6:57 PM, wrote: > On Wed, Mar 04, 2009 at 05:11:47PM +0000, Paul Vixie wrote: > > > > i disagree. dns-based load balancing is an unfortunate overloading > and > > > > should never be done. RFC 3484 is correct as it is. > > > > > > Why is it right for topology-ignorant clients to override > topology-aware > > > DNS servers based on wishful thinking about RIR address allocation > > > policies? > > > > neither a client or a server can be guaranteed topology-aware. dns > leaves > > ordering deliberately undefined and encourages applications to use their > > own best judgement. > > > > DNSSEC does reorder RRSets within a zone. Which is a new feature. When we started talking about order of RRSets? This is purely discussion about order of RRs in RRSet. Order of RRSets in zone is irrelevant before DNSSEC and also after DNSSEC. Nothing depends on order of RRSets at least in my best knowledge. Ondrej. -- Ondrej Sury technicky reditel/Chief Technical Officer ----------------------------------------- CZ.NIC, z.s.p.o. -- .cz domain registry Americka 23,120 00 Praha 2,Czech Republic mailto:ondrej.sury@nic.cz http://nic.cz/ sip:ondrej.sury@nic.cz tel:+420.222745110 mob:+420.739013699 fax:+420.222745112 ----------------------------------------- --001636c5a723ae222004644f199a Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

On Wed, Mar 4, 2009 at 6:57 PM, <bmanning@va= cation.karoshi.com> wrote:
On Wed, Mar 04, 2009 at 05:11:47PM +0000, Paul Vixie wrot= e:
> > > i disagree. =C2=A0dns-based load balancing is an unfortunate= overloading and
> > > should never be done. =C2=A0RFC 3484 is correct as it is. > >
> > Why is it right for topology-ignorant clients to override topolog= y-aware
> > DNS servers based on wishful thinking about RIR address allocatio= n
> > policies?
>
> neither a client or a server can be guaranteed topology-aware. =C2=A0d= ns leaves
> ordering deliberately undefined and encourages applications to use the= ir
> own best judgement.
>

=C2=A0 =C2=A0 =C2=A0 =C2=A0DNSSEC does reorder RRSets within a zone.= =C2=A0Which is a new feature.

When we started talking= about order of RRSets?=C2=A0 This is purely discussion
about order of R= Rs in RRSet. Order of RRSets in zone is irrelevant before
DNSSEC and also after DNSSEC. Nothing depends on order of RRSets
at leas= t in my best knowledge.
=C2=A0
Ondrej.
--
Ondrej Sury=
technicky reditel/Chief Technical Officer
------------------------= -----------------
CZ.NIC, z.s.p.o. =C2=A0-- =C2=A0.cz domain registry
Americka 23,120 00= Praha 2,Czech Republic
mailto:on= drej.sury@nic.cz =C2=A0http://nic.cz/ sip:ondrej.sury@nic.cz te= l:+420.222745110
mob:+420.739013699 =C2=A0 =C2=A0 fax:+420.222745112
------------------= -----------------------


--001636c5a723ae222004644f199a-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 12:04:14 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F07DA28C490; Wed, 4 Mar 2009 12:04:14 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.473 X-Spam-Level: X-Spam-Status: No, score=-3.473 tagged_above=-999 required=5 tests=[AWL=-0.474, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0nfD0AJDFkg3; Wed, 4 Mar 2009 12:04:14 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id B336A3A6AFC; Wed, 4 Mar 2009 12:03:09 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LexBC-0009HA-Eb for namedroppers-data0@psg.com; Wed, 04 Mar 2009 19:54:58 +0000 Received: from [131.111.8.135] (helo=ppsw-5.csi.cam.ac.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LexB3-0009GQ-Sv for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 19:54:52 +0000 X-Cam-AntiVirus: no malware found X-Cam-SpamDetails: not scanned X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/ Received: from hermes-2.csi.cam.ac.uk ([131.111.8.54]:56059) by ppsw-5.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.155]:25) with esmtpa (EXTERNAL:cet1) id 1LexAr-0007xW-Hn (Exim 4.70) (return-path ); Wed, 04 Mar 2009 19:54:37 +0000 Received: from prayer by hermes-2.csi.cam.ac.uk (hermes.cam.ac.uk) with local (PRAYER:cet1) id 1LexAr-00078P-GI (Exim 4.67) (return-path ); Wed, 04 Mar 2009 19:54:37 +0000 Received: from [131.111.11.47] by webmail.hermes.cam.ac.uk with HTTP (Prayer-1.3.1); 04 Mar 2009 19:54:37 +0000 Date: 04 Mar 2009 19:54:37 +0000 From: Chris Thompson To: =?UTF-8?Q?Ond=C5=99ej_Sur=C3=BD?= Cc: bmanning@vacation.karoshi.com, Paul Vixie , Tony Finch , ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems Message-ID: In-Reply-To: References: <20563.1236179832@nsa.vix.com> <25914.1236186707@nsa.vix.com> <20090304175748.GB24212@vacation.karoshi.com.> X-Mailer: Prayer v1.3.1 Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Mar 4 2009, Ond=C5=99ej Sur=C3=BD wrote: >On Wed, Mar 4, 2009 at 6:57 PM, wrote: [...] >> DNSSEC does reorder RRSets within a zone. Which is a new featur= e. > >When we started talking about order of RRSets? This is purely discussion >about order of RRs in RRSet. Order of RRSets in zone is irrelevant before >DNSSEC and also after DNSSEC. Nothing depends on order of RRSets >at least in my best knowledge. I took Bill to mean "DNSSEC does reorder RRs within an RRset" anyway, as I don't know in what other sense DNSSEC is relevant at all. But the canonical ordering of RRs within an RRset for signing purposes says nothing about the presentation order in the answers to DNS queries. And in fact a certain well-known nameserver implementation not unassociated with Paul still supports all the rrset-order and sortlist controls, which work for secured zones as well as unsecured ones. --=20 Chris Thompson Email: cet1@cam.ac.uk -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 12:15:01 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 28BEF3A6A3F; Wed, 4 Mar 2009 12:15:01 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.357 X-Spam-Level: X-Spam-Status: No, score=-4.357 tagged_above=-999 required=5 tests=[AWL=0.138, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1qs1SmfQ3y73; Wed, 4 Mar 2009 12:15:00 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id EF5FB3A684E; Wed, 4 Mar 2009 12:14:59 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LexMx-000AQe-Vf for namedroppers-data0@psg.com; Wed, 04 Mar 2009 20:07:08 +0000 Received: from [198.32.6.68] (helo=vacation.karoshi.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LexMr-000AOe-Sf for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 20:07:04 +0000 Received: from karoshi.com (localhost.localdomain [127.0.0.1]) by vacation.karoshi.com (8.12.8/8.12.8) with ESMTP id n24K4Pff025275; Wed, 4 Mar 2009 20:04:25 GMT Received: (from bmanning@localhost) by karoshi.com (8.12.8/8.12.8/Submit) id n24K4Olk025274; Wed, 4 Mar 2009 20:04:24 GMT Date: Wed, 4 Mar 2009 20:04:24 +0000 From: bmanning@vacation.karoshi.com To: Chris Thompson Cc: =?utf-8?B?T25kxZllaiBTdXLDvQ==?= , bmanning@vacation.karoshi.com, Paul Vixie , Tony Finch , ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems Message-ID: <20090304200424.GB25180@vacation.karoshi.com.> References: <20563.1236179832@nsa.vix.com> <25914.1236186707@nsa.vix.com> <20090304175748.GB24212@vacation.karoshi.com.> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.4.1i Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: my error here - Paul said DNS does no ordering... he did not specify ordering of what. we now return you to your rant. --bill On Wed, Mar 04, 2009 at 07:54:37PM +0000, Chris Thompson wrote: > On Mar 4 2009, OndEej SurC= wrote: > > >On Wed, Mar 4, 2009 at 6:57 PM, wrote: > [...] > >> DNSSEC does reorder RRSets within a zone. Which is a new feature. > > > >When we started talking about order of RRSets? This is purely discussion > >about order of RRs in RRSet. Order of RRSets in zone is irrelevant before > >DNSSEC and also after DNSSEC. Nothing depends on order of RRSets > >at least in my best knowledge. > > I took Bill to mean "DNSSEC does reorder RRs within an RRset" anyway, as > I don't know in what other sense DNSSEC is relevant at all. > > But the canonical ordering of RRs within an RRset for signing purposes > says nothing about the presentation order in the answers to DNS queries. > And in fact a certain well-known nameserver implementation not unassociated > with Paul still supports all the rrset-order and sortlist controls, which > work for secured zones as well as unsecured ones. > > -- > Chris Thompson > Email: cet1@cam.ac.uk > -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 12:18:43 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7DD193A684E; Wed, 4 Mar 2009 12:18:43 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.624 X-Spam-Level: X-Spam-Status: No, score=-0.624 tagged_above=-999 required=5 tests=[AWL=-0.129, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m9LcccRHts-V; Wed, 4 Mar 2009 12:18:42 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 6FBE23A6830; Wed, 4 Mar 2009 12:18:42 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LexSl-000Azt-PN for namedroppers-data0@psg.com; Wed, 04 Mar 2009 20:13:07 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LexSg-000Ay2-C7 for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 20:13:04 +0000 Received: from [10.31.200.116] (mail.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n24KCuvr018905; Wed, 4 Mar 2009 15:12:57 -0500 (EST) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <20563.1236179832@nsa.vix.com> <25914.1236186707@nsa.vix.com> <20090304175748.GB24212@vacation.karoshi.com.> Date: Wed, 4 Mar 2009 15:12:55 -0500 To: namedroppers@ops.ietf.org From: Edward Lewis Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems Cc: ed.lewis@neustar.biz Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: At 19:54 +0000 3/4/09, Chris Thompson wrote: >But the canonical ordering of RRs within an RRset for signing purposes >says nothing about the presentation order in the answers to DNS queries. Right - when we first wrote DNSSEC signing code there was a team meeting on "round robin vs. canonical order". The outcome was to copy the RRset as it was handed to the signer, sort the RR's in another piece of memory and then chunk(*) on that. Post validation, we dumped the memory we chunked on and retained the other (as-handed-to-us) copy. (*) - including downcasing domain names in the rdata, etc. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Never confuse activity with progress. Activity pays more. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 12:27:52 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 87F3B3A693B; Wed, 4 Mar 2009 12:27:52 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.44 X-Spam-Level: X-Spam-Status: No, score=-2.44 tagged_above=-999 required=5 tests=[AWL=-0.141, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y1vI2ipmSCol; Wed, 4 Mar 2009 12:27:51 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id B7FB03A6844; Wed, 4 Mar 2009 12:27:51 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lexdx-000C8z-IY for namedroppers-data0@psg.com; Wed, 04 Mar 2009 20:24:41 +0000 Received: from [2001:4f8:3:bb:230:48ff:fe5a:2f38] (helo=nsa.vix.com) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lexdp-000C8T-UT for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 20:24:36 +0000 Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id 0DD03A1022; Wed, 4 Mar 2009 20:24:33 +0000 (UTC) (envelope-from vixie@nsa.vix.com) From: Paul Vixie To: =?UTF-8?B?T25kxZllaiBTdXLDvQ==?= cc: Tony Finch , ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: Your message of "Wed, 04 Mar 2009 17:05:29 +0100." References: <20563.1236179832@nsa.vix.com> X-Mailer: MH-E 8.1; nil; GNU Emacs 22.2.1 Date: Wed, 04 Mar 2009 20:24:33 +0000 Message-ID: <36372.1236198273@nsa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > RFC 3484 is correct as it is. > > Here I don't. The idea behind is good, the implementation is not. > Client would have to know BGP path to DA + DB and decide on basis of > routing protocol. Selection based on longest matching prefix will work > in only very small percent of case, all other cases are based on pure > luck. random tends to be best, honestly. but if there's an alternative that's in the same /24 or /16 with you then this will be a useful optimization. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 12:33:59 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 56FCE28C170; Wed, 4 Mar 2009 12:33:59 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.572 X-Spam-Level: X-Spam-Status: No, score=0.572 tagged_above=-999 required=5 tests=[AWL=-0.456, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, J_CHICKENPOX_23=0.6, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k+VlN9+tUVqu; Wed, 4 Mar 2009 12:33:58 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id AB1AA28C446; Wed, 4 Mar 2009 12:33:53 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LexjE-000CeG-Ks for namedroppers-data0@psg.com; Wed, 04 Mar 2009 20:30:08 +0000 Received: from [209.85.128.185] (helo=fk-out-0910.google.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lexj2-000Cbz-Ug for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 20:30:05 +0000 Received: by fk-out-0910.google.com with SMTP id 18so1315796fkq.9 for ; Wed, 04 Mar 2009 12:29:55 -0800 (PST) MIME-Version: 1.0 Received: by 10.223.116.205 with SMTP id n13mr230447faq.103.1236198595203; Wed, 04 Mar 2009 12:29:55 -0800 (PST) In-Reply-To: <36372.1236198273@nsa.vix.com> References: <20563.1236179832@nsa.vix.com> <36372.1236198273@nsa.vix.com> Date: Wed, 4 Mar 2009 21:29:54 +0100 Message-ID: Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems From: =?UTF-8?B?T25kxZllaiBTdXLDvQ==?= To: Paul Vixie Cc: Tony Finch , ietf@ietf.org, namedroppers@ops.ietf.org Content-Type: multipart/alternative; boundary=001636c5a4902394a7046450ea90 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --001636c5a4902394a7046450ea90 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On Wed, Mar 4, 2009 at 9:24 PM, Paul Vixie wrote: > > RFC 3484 is correct as it is. > > > > Here I don't. The idea behind is good, the implementation is not. > > Client would have to know BGP path to DA + DB and decide on basis of > > routing protocol. Selection based on longest matching prefix will work > > in only very small percent of case, all other cases are based on pure > > luck. > > random tends to be best, honestly. but if there's an alternative that's > in the same /24 or /16 with you then this will be a useful optimization. > /24 - could be, but is it worth? /16 - not a chance; there are a lot of LIRs with /20 in RIPE region, so /16 is way too much (and you can have quicker connection to U.S. than to some parts of Europe). Ondrej. -- Ondrej Sury technicky reditel/Chief Technical Officer ----------------------------------------- CZ.NIC, z.s.p.o. -- .cz domain registry Americka 23,120 00 Praha 2,Czech Republic mailto:ondrej.sury@nic.cz http://nic.cz/ sip:ondrej.sury@nic.cz tel:+420.222745110 mob:+420.739013699 fax:+420.222745112 ----------------------------------------- --001636c5a4902394a7046450ea90 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

On Wed, Mar 4, 2009 at 9:24 PM, Paul Vix= ie <vixie@isc.org= > wrote:
> =C2=A0 =C2=A0 =C2=A0RFC 3484 is correct as it is. >
> =C2=A0 =C2=A0Here I don't. The idea behind is good, the implementa= tion is not.
> =C2=A0 =C2=A0Client would have to know BGP path to DA + DB and decide = on basis of
> =C2=A0 =C2=A0routing protocol. Selection based on longest matching pre= fix will work
> =C2=A0 =C2=A0in only very small percent of case, all other cases are b= ased on pure
> =C2=A0 =C2=A0luck.

random tends to be best, honestly. =C2=A0but if there's an altern= ative that's
in the same /24 or /16 with you then this will be a useful optimization.

/24 - could be, but is it worth?

/16 - not a = chance; there are a lot of LIRs with /20 in RIPE region, so /16 is way too<= br>much (and you can have quicker connection to U.S. than to some parts of = Europe).

Ondrej.
--
Ondrej Sury
technicky reditel/Chief Technical Of= ficer
-----------------------------------------
CZ.NIC, z.s.p.o. = =C2=A0-- =C2=A0.cz domain registry
Americka 23,120 00 Praha 2,Czech Rep= ublic
mailto:ondrej.sury@nic.cz =C2=A0= http://nic.cz/
sip:ondrej.sury@nic.cz tel:+420.222745110
mob:+4= 20.739013699 =C2=A0 =C2=A0 fax:+420.222745112
-----------------------------------------


--001636c5a4902394a7046450ea90-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 12:36:01 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3046228C489; Wed, 4 Mar 2009 12:36:01 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.61 X-Spam-Level: X-Spam-Status: No, score=0.61 tagged_above=-999 required=5 tests=[AWL=-0.418, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, J_CHICKENPOX_23=0.6, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sX+VnH7QxIax; Wed, 4 Mar 2009 12:36:00 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id D334828C180; Wed, 4 Mar 2009 12:35:59 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LexmB-000Cxs-4o for namedroppers-data0@psg.com; Wed, 04 Mar 2009 20:33:11 +0000 Received: from [209.85.218.157] (helo=mail-bw0-f157.google.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lexm2-000Cwc-Sy for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 20:33:08 +0000 Received: by bwz1 with SMTP id 1so155991bwz.41 for ; Wed, 04 Mar 2009 12:33:01 -0800 (PST) MIME-Version: 1.0 Received: by 10.223.117.194 with SMTP id s2mr244577faq.83.1236198780746; Wed, 04 Mar 2009 12:33:00 -0800 (PST) In-Reply-To: <20090304200424.GB25180@vacation.karoshi.com.> References: <20563.1236179832@nsa.vix.com> <25914.1236186707@nsa.vix.com> <20090304175748.GB24212@vacation.karoshi.com.> <20090304200424.GB25180@vacation.karoshi.com.> Date: Wed, 4 Mar 2009 21:33:00 +0100 Message-ID: Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems From: =?UTF-8?B?T25kxZllaiBTdXLDvQ==?= To: bmanning@vacation.karoshi.com Cc: Chris Thompson , Paul Vixie , Tony Finch , ietf@ietf.org, namedroppers@ops.ietf.org Content-Type: multipart/alternative; boundary=001636c5b47e32bc0b046450f515 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --001636c5b47e32bc0b046450f515 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On Wed, Mar 4, 2009 at 9:04 PM, wrote: > we now return you to your rant. Sorry, if I sounded too harsh. my error here - Paul said DNS does no ordering... he did not specify > ordering of what. Order of RRs in zone file is not relevant for the order "on the wire". DNS (as in DNS protocol) does no ordering. Ondrej. > --bill > > > On Wed, Mar 04, 2009 at 07:54:37PM +0000, Chris Thompson wrote: > > On Mar 4 2009, OndE ej SurC= wrote: > > > > >On Wed, Mar 4, 2009 at 6:57 PM, wrote: > > [...] > > >> DNSSEC does reorder RRSets within a zone. Which is a new > feature. > > > > > >When we started talking about order of RRSets? This is purely > discussion > > >about order of RRs in RRSet. Order of RRSets in zone is irrelevant > before > > >DNSSEC and also after DNSSEC. Nothing depends on order of RRSets > > >at least in my best knowledge. > > > > I took Bill to mean "DNSSEC does reorder RRs within an RRset" anyway, as > > I don't know in what other sense DNSSEC is relevant at all. > > > > But the canonical ordering of RRs within an RRset for signing purposes > > says nothing about the presentation order in the answers to DNS queries. > > And in fact a certain well-known nameserver implementation not > unassociated > > with Paul still supports all the rrset-order and sortlist controls, which > > work for secured zones as well as unsecured ones. > > > > -- > > Chris Thompson > > Email: cet1@cam.ac.uk > > > -- Ondrej Sury technicky reditel/Chief Technical Officer ----------------------------------------- CZ.NIC, z.s.p.o. -- .cz domain registry Americka 23,120 00 Praha 2,Czech Republic mailto:ondrej.sury@nic.cz http://nic.cz/ sip:ondrej.sury@nic.cz tel:+420.222745110 mob:+420.739013699 fax:+420.222745112 ----------------------------------------- --001636c5b47e32bc0b046450f515 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
On Wed, Mar 4, 2009 at 9:04 PM, <bmanning@vaca= tion.karoshi.com> wrote:
we now return you to your rant.

Sorry, if I sounded too harsh.

=C2=A0my error here - Paul said DNS does no ordering.= .. he did not specify
ordering of what. =C2=A0

Order of RRs in zone file is = not relevant for the order "on the wire".
DNS (as in DNS proto= col) does no ordering.

Ondrej.


--bill


On Wed, Mar 04, 2009 at 07:54:37PM +0000, Chris Thompson wrote:
> On Mar 4 2009, OndE ej SurC=3D wrote:
>
> >On Wed, Mar 4, 2009 at 6:57 PM, <bmanning@vacation.karoshi.com> wrote:
> [...]
> >> =C2=A0 =C2=A0 =C2=A0 =C2=A0DNSSEC does reorder RRSets within = a zone. =C2=A0Which is a new feature.
> >
> >When we started talking about order of RRSets? =C2=A0This is purel= y discussion
> >about order of RRs in RRSet. Order of RRSets in zone is irrelevant= before
> >DNSSEC and also after DNSSEC. Nothing depends on order of RRSets > >at least in my best knowledge.
>
> I took Bill to mean "DNSSEC does reorder RRs within an RRset"= ; anyway, as
> I don't know in what other sense DNSSEC is relevant at all.
>
> But the canonical ordering of RRs within an RRset for signing purposes=
> says nothing about the presentation order in the answers to DNS querie= s.
> And in fact a certain well-known nameserver implementation not unassoc= iated
> with Paul still supports all the rrset-order and sortlist controls, wh= ich
> work for secured zones as well as unsecured ones.
>
> --
> Chris Thompson
> Email: cet1@cam.ac.uk
>



--
Ondrej Sur= y
technicky reditel/Chief Technical Officer
-----------------------= ------------------
CZ.NIC, z.s.p.o. =C2=A0-- =C2=A0.cz domain registry<= br> Americka 23,120 00 Praha 2,Czech Republic
mailto:ondrej.sury@nic.cz =C2=A0= http://nic.cz/
sip:ondrej.sury@nic.cz tel:+420.222745110
mob:+4= 20.739013699 =C2=A0 =C2=A0 fax:+420.222745112
-----------------------------------------


--001636c5b47e32bc0b046450f515-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 12:46:37 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C27783A693B; Wed, 4 Mar 2009 12:46:37 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.952 X-Spam-Level: X-Spam-Status: No, score=-1.952 tagged_above=-999 required=5 tests=[AWL=-0.553, BAYES_00=-2.599, J_CHICKENPOX_43=0.6, J_CHICKENPOX_53=0.6] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 33pvFkk8Ra0Y; Wed, 4 Mar 2009 12:46:37 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id E21653A68B0; Wed, 4 Mar 2009 12:46:36 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lexw9-000DxS-3H for namedroppers-data0@psg.com; Wed, 04 Mar 2009 20:43:29 +0000 Received: from [2001:4f8:3:bb:230:48ff:fe5a:2f38] (helo=nsa.vix.com) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lexw3-000Dx4-Jn for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 20:43:26 +0000 Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id 3B314A1022; Wed, 4 Mar 2009 20:43:23 +0000 (UTC) (envelope-from vixie@nsa.vix.com) From: Paul Vixie To: Tony Finch cc: namedroppers@ops.ietf.org, ietf@ietf.org Subject: Re: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: Your message of "Wed, 04 Mar 2009 17:06:24 GMT." References: <20090304145901.GC6574@shinkuro.com> <25201.1236185908@nsa.vix.com> X-Mailer: MH-E 8.1; nil; GNU Emacs 22.2.1 Date: Wed, 04 Mar 2009 20:43:23 +0000 Message-ID: <37326.1236199403@nsa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > > you'll see roundrobin and lifo, among others, in many caches including > > stub caches. > > Large numbers of sites have been depending on this behaviour for over 15 > years, so it was wrong of RFC 3484 to break it. some number of vendors have depended on revenue from selling this feature but i'd say that only a small number of sites ever saw any benefit from it. we've been lifo'ing and round robin'ing dns data in caches and stubs for a lot longer than 15 years, and the original dns rfc's said specifically that rrset ordering was not guaranteed in the protocol, so anyone who depended on it was getting screwed a long time before RFC 3484 came around. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 12:49:59 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 013293A6847; Wed, 4 Mar 2009 12:49:59 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.524 X-Spam-Level: X-Spam-Status: No, score=-2.524 tagged_above=-999 required=5 tests=[AWL=0.075, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rHhK+z4nGPmc; Wed, 4 Mar 2009 12:49:58 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 18B183A67A7; Wed, 4 Mar 2009 12:49:58 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lexza-000ELW-S4 for namedroppers-data0@psg.com; Wed, 04 Mar 2009 20:47:02 +0000 Received: from [2001:4f8:3:bb:230:48ff:fe5a:2f38] (helo=nsa.vix.com) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LexzP-000EKB-Qj for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 20:46:58 +0000 Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id 736F6A1031; Wed, 4 Mar 2009 20:46:51 +0000 (UTC) (envelope-from vixie@nsa.vix.com) From: Paul Vixie To: Tony Finch cc: ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: Your message of "Wed, 04 Mar 2009 17:13:57 GMT." References: <20563.1236179832@nsa.vix.com> <25914.1236186707@nsa.vix.com> X-Mailer: MH-E 8.1; nil; GNU Emacs 22.2.1 Date: Wed, 04 Mar 2009 20:46:51 +0000 Message-ID: <37461.1236199611@nsa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > > neither a client or a server can be guaranteed topology-aware. dns leaves > > ordering deliberately undefined and encourages applications to use their > > own best judgement. > > Rule 9 kicks in when the client has no topology information, which is why > it is broken. "in my same /24" or "in my same /16" is a pretty good indicator, though. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 12:58:30 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6F5B13A68B0; Wed, 4 Mar 2009 12:58:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.741 X-Spam-Level: X-Spam-Status: No, score=-3.741 tagged_above=-999 required=5 tests=[AWL=-1.643, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, J_CHICKENPOX_43=0.6, J_CHICKENPOX_53=0.6, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6CiBE5JRIOW8; Wed, 4 Mar 2009 12:58:29 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 699353A6844; Wed, 4 Mar 2009 12:58:29 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Ley7D-000FAQ-Bi for namedroppers-data0@psg.com; Wed, 04 Mar 2009 20:54:55 +0000 Received: from [131.111.8.131] (helo=ppsw-1.csi.cam.ac.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Ley75-000F9D-VC for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 20:54:52 +0000 X-Cam-AntiVirus: no malware found X-Cam-SpamDetails: not scanned X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/ Received: from hermes-2.csi.cam.ac.uk ([131.111.8.54]:49415) by ppsw-1.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.151]:25) with esmtpa (EXTERNAL:fanf2) id 1Ley75-0000oZ-44 (Exim 4.70) (return-path ); Wed, 04 Mar 2009 20:54:47 +0000 Received: from fanf2 (helo=localhost) by hermes-2.csi.cam.ac.uk (hermes.cam.ac.uk) with local-esmtp id 1Ley75-0005Wl-7w (Exim 4.67) (return-path ); Wed, 04 Mar 2009 20:54:47 +0000 Date: Wed, 4 Mar 2009 20:54:47 +0000 From: Tony Finch X-X-Sender: fanf2@hermes-2.csi.cam.ac.uk To: Paul Vixie cc: namedroppers@ops.ietf.org, ietf@ietf.org Subject: Re: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: <37326.1236199403@nsa.vix.com> Message-ID: References: <20090304145901.GC6574@shinkuro.com> <25201.1236185908@nsa.vix.com> <37326.1236199403@nsa.vix.com> User-Agent: Alpine 2.00 (LSU 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Wed, 4 Mar 2009, Paul Vixie wrote: > > we've been lifo'ing and round robin'ing dns data in caches and stubs for a > lot longer than 15 years, This is the key feature than RFC 3484 breaks. (I wasn't sure of the history - it was very murky when I tried to find the origin of round-robin DNS.) Tony. -- f.anthony.n.finch http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 12:58:33 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1D47A3A68B0; Wed, 4 Mar 2009 12:58:33 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.263 X-Spam-Level: X-Spam-Status: No, score=-4.263 tagged_above=-999 required=5 tests=[AWL=-0.964, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HHUtGvNmoqlj; Wed, 4 Mar 2009 12:58:32 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 3854B3A6844; Wed, 4 Mar 2009 12:58:32 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Ley7d-000FDz-Et for namedroppers-data0@psg.com; Wed, 04 Mar 2009 20:55:21 +0000 Received: from [131.111.8.135] (helo=ppsw-5.csi.cam.ac.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Ley7W-000FD0-Sw for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 20:55:18 +0000 X-Cam-AntiVirus: no malware found X-Cam-SpamDetails: not scanned X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/ Received: from hermes-2.csi.cam.ac.uk ([131.111.8.54]:37706) by ppsw-5.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.155]:25) with esmtpa (EXTERNAL:fanf2) id 1Ley7V-0007G7-HW (Exim 4.70) (return-path ); Wed, 04 Mar 2009 20:55:13 +0000 Received: from fanf2 (helo=localhost) by hermes-2.csi.cam.ac.uk (hermes.cam.ac.uk) with local-esmtp id 1Ley7V-0005Zi-DR (Exim 4.67) (return-path ); Wed, 04 Mar 2009 20:55:13 +0000 Date: Wed, 4 Mar 2009 20:55:13 +0000 From: Tony Finch X-X-Sender: fanf2@hermes-2.csi.cam.ac.uk To: Paul Vixie cc: ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: <37461.1236199611@nsa.vix.com> Message-ID: References: <20563.1236179832@nsa.vix.com> <25914.1236186707@nsa.vix.com> <37461.1236199611@nsa.vix.com> User-Agent: Alpine 2.00 (LSU 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Wed, 4 Mar 2009, Paul Vixie wrote: > > "in my same /24" or "in my same /16" is a pretty good indicator, though. Pity that ain't what the spec says. Tony. -- f.anthony.n.finch http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 13:09:38 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4E51928C33D; Wed, 4 Mar 2009 13:09:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kibhIi8xcsrk; Wed, 4 Mar 2009 13:09:37 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 3EB7328C438; Wed, 4 Mar 2009 13:09:37 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeyEj-000GD0-9U for namedroppers-data0@psg.com; Wed, 04 Mar 2009 21:02:41 +0000 Received: from [2001:4f8:0:2::1c] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LeyEd-000GC5-3e for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 21:02:36 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTPS id 4D5ED11401C; Wed, 4 Mar 2009 21:02:27 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (drugs.dv.isc.org [IPv6:2001:470:1f00:820:214:22ff:fed9:fbdc]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "drugs.dv.isc.org", Issuer "ISC CA" (not verified)) by farside.isc.org (Postfix) with ESMTP id ACB80E6064; Wed, 4 Mar 2009 21:02:26 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.14.3/8.14.3) with ESMTP id n24L2OTc027963; Thu, 5 Mar 2009 08:02:24 +1100 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200903042102.n24L2OTc027963@drugs.dv.isc.org> To: ietf@ietf.org, namedroppers@ops.ietf.org From: Mark Andrews Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems In-reply-to: Your message of "Wed, 04 Mar 2009 21:33:00 BST." Date: Thu, 05 Mar 2009 08:02:24 +1100 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: For this section to be useful you needs to be done at break points. LAN /64, SITE /56 or /48 and ISP /??. Doing it on every bit boundary is just plain wrong. The intent was good. The specification was wrong. To make this useful you need a protocol to distribute those break points. This is a little like a automated sortlist built into modern resolvers. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 4 14:06:25 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A061628C2D8; Wed, 4 Mar 2009 14:06:25 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.374 X-Spam-Level: X-Spam-Status: No, score=-2.374 tagged_above=-999 required=5 tests=[AWL=-0.075, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vrdQp5a81MnC; Wed, 4 Mar 2009 14:06:22 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id C59183A6955; Wed, 4 Mar 2009 14:06:21 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lez9l-000LqG-8R for namedroppers-data0@psg.com; Wed, 04 Mar 2009 22:01:37 +0000 Received: from [2001:4f8:3:bb:230:48ff:fe5a:2f38] (helo=nsa.vix.com) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lez9e-000Lpt-Rn for namedroppers@ops.ietf.org; Wed, 04 Mar 2009 22:01:33 +0000 Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id 75CA6A1018; Wed, 4 Mar 2009 22:01:29 +0000 (UTC) (envelope-from vixie@nsa.vix.com) From: Paul Vixie To: =?UTF-8?B?T25kxZllaiBTdXLDvQ==?= cc: Tony Finch , ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: Your message of "Wed, 04 Mar 2009 21:29:54 +0100." References: <20563.1236179832@nsa.vix.com> <36372.1236198273@nsa.vix.com> X-Mailer: MH-E 8.1; nil; GNU Emacs 22.2.1 Date: Wed, 04 Mar 2009 22:01:29 +0000 Message-ID: <41007.1236204089@nsa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > /24 - could be, but is it worth? > /16 - not a chance; there are a lot of LIRs with /20 in RIPE region, so > /16 is way too > much (and you can have quicker connection to U.S. than to some parts of > Europe). there are three modes here. first, you can do some good. second, you can do some harm. third, you can have no effect. RFC 3484 as it is can sometimes do some good. and if it ends up using address similarity as an indicator of probable proximity and it's wrong, then it'll be the same as random. only in the case where the server is depending on rr ordering within rrsets, which dns has never guaranteed and which many caches (both rdns and stubs) randomize or reorder anyway, and where the server's imputation of topology knows about every private interconnect that may affect client performance, would RFC 3484 do harm. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Mar 5 02:02:17 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 04D8928C3DD; Thu, 5 Mar 2009 02:02:17 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.15 X-Spam-Level: X-Spam-Status: No, score=0.15 tagged_above=-999 required=5 tests=[AWL=-0.600, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vNeqgTB-Saha; Thu, 5 Mar 2009 02:02:16 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 1F97428C3D2; Thu, 5 Mar 2009 02:02:16 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfAIQ-000640-OV for namedroppers-data0@psg.com; Thu, 05 Mar 2009 09:55:18 +0000 Received: from [193.227.124.2] (helo=mx01.bfk.de) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfAIF-00063D-5Q for namedroppers@ops.ietf.org; Thu, 05 Mar 2009 09:55:15 +0000 Received: from mx00.int.bfk.de ([10.119.110.2]) by mx01.bfk.de with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32) id 1LfAHj-0008QM-N2; Thu, 05 Mar 2009 10:54:35 +0100 Received: from fweimer by bfk.de with local id 1LfAHr-0005k9-CS; Thu, 05 Mar 2009 10:54:43 +0100 To: Paul Vixie Cc: Tony Finch , namedroppers@ops.ietf.org, ietf@ietf.org Subject: Re: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems References: <20090304145901.GC6574@shinkuro.com> <25201.1236185908@nsa.vix.com> <37326.1236199403@nsa.vix.com> From: Florian Weimer Date: Thu, 05 Mar 2009 10:54:43 +0100 In-Reply-To: <37326.1236199403@nsa.vix.com> (Paul Vixie's message of "Wed, 04 Mar 2009 20:43:23 +0000") Message-ID: <823adswazg.fsf@mid.bfk.de> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: * Paul Vixie: >> Large numbers of sites have been depending on this behaviour for over 15 >> years, so it was wrong of RFC 3484 to break it. > > some number of vendors have depended on revenue from selling this feature > but i'd say that only a small number of sites ever saw any benefit from i= t. pool.ntp.org, security.debian.org, rsync.gentoo.org, [a-o].ns.spamhaus.org, [a-n].surbl.org. In general the "large RRset" approach is used by those who do not buy special DNS appliance to serve their zones, I think. Many CDNs also serve multiple addresses selected from a larger pool, probably based on network topology and server load/availability. Those folks can mitigate Rule 9 impact by carefully tuning the address set in each response. But those who rely on IETF protocols to distribute and publish their DNS data are out of luck. (Another approach to deal with the Rule 9 fallout is to put all your servers into a dedicated prefix, but I don't think this is a good idea in general.) --=20 Florian Weimer BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstra=DFe 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Mar 5 02:12:55 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CEA8E28C413; Thu, 5 Mar 2009 02:12:55 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -103.649 X-Spam-Level: X-Spam-Status: No, score=-103.649 tagged_above=-999 required=5 tests=[AWL=-1.400, BAYES_00=-2.599, HELO_EQ_FR=0.35, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RNQjS7fY2shb; Thu, 5 Mar 2009 02:12:55 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id EDAC428C435; Thu, 5 Mar 2009 02:12:42 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfAUq-0007No-Ms for namedroppers-data0@psg.com; Thu, 05 Mar 2009 10:08:08 +0000 Received: from [2001:660:3003:2::4:11] (helo=mx2.nic.fr) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfAUl-0007NB-Kc for namedroppers@ops.ietf.org; Thu, 05 Mar 2009 10:08:05 +0000 Received: from mx2.nic.fr (localhost [127.0.0.1]) by mx2.nic.fr (Postfix) with SMTP id 7D5AF1C018B; Thu, 5 Mar 2009 11:07:58 +0100 (CET) Received: from relay1.nic.fr (relay1.nic.fr [192.134.4.162]) by mx2.nic.fr (Postfix) with ESMTP id 7866B1C0184; Thu, 5 Mar 2009 11:07:58 +0100 (CET) Received: from bortzmeyer.nic.fr (batilda.nic.fr [192.134.4.69]) by relay1.nic.fr (Postfix) with ESMTP id 6ACFCA1D97E; Thu, 5 Mar 2009 11:07:58 +0100 (CET) Date: Thu, 5 Mar 2009 11:07:58 +0100 From: Stephane Bortzmeyer To: Edward Lewis Cc: namedroppers@ops.ietf.org Subject: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems Message-ID: <20090305100758.GA21241@nic.fr> References: <20563.1236179832@nsa.vix.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Operating-System: Debian GNU/Linux 5.0 X-Kernel: Linux 2.6.26-1-686 i686 Organization: NIC France X-URL: http://www.nic.fr/ User-Agent: Mutt/1.5.18 (2008-05-17) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Wed, Mar 04, 2009 at 11:32:45AM -0500, Edward Lewis wrote a message of 23 lines which said: > FWIW (since someone else mentioned it), I agree with that. > >> RFC 3484 is correct as it is. > > I don't have an informed opinion on that. I cannot find the start of this discussion. Is it related to ? -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Mar 5 02:26:20 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7AF343A6A83; Thu, 5 Mar 2009 02:26:20 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -103.416 X-Spam-Level: X-Spam-Status: No, score=-103.416 tagged_above=-999 required=5 tests=[AWL=-1.167, BAYES_00=-2.599, HELO_EQ_FR=0.35, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nudr8yTPcQYH; Thu, 5 Mar 2009 02:26:19 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id AF52D3A6AC9; Thu, 5 Mar 2009 02:26:19 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfAiP-0008af-QR for namedroppers-data0@psg.com; Thu, 05 Mar 2009 10:22:09 +0000 Received: from [2001:660:3003:2::4:11] (helo=mx2.nic.fr) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfAiJ-0008Zk-NW for namedroppers@ops.ietf.org; Thu, 05 Mar 2009 10:22:06 +0000 Received: from mx2.nic.fr (localhost [127.0.0.1]) by mx2.nic.fr (Postfix) with SMTP id 0BC811C0196; Thu, 5 Mar 2009 11:22:03 +0100 (CET) Received: from relay1.nic.fr (relay1.nic.fr [192.134.4.162]) by mx2.nic.fr (Postfix) with ESMTP id 06D041C018E; Thu, 5 Mar 2009 11:22:03 +0100 (CET) Received: from bortzmeyer.nic.fr (batilda.nic.fr [192.134.4.69]) by relay1.nic.fr (Postfix) with ESMTP id EDB38A1D97E; Thu, 5 Mar 2009 11:22:02 +0100 (CET) Date: Thu, 5 Mar 2009 11:22:02 +0100 From: Stephane Bortzmeyer To: Edward Lewis Cc: namedroppers@ops.ietf.org Subject: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems Message-ID: <20090305102202.GA23365@nic.fr> References: <20563.1236179832@nsa.vix.com> <20090305100758.GA21241@nic.fr> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20090305100758.GA21241@nic.fr> X-Operating-System: Debian GNU/Linux 5.0 X-Kernel: Linux 2.6.26-1-686 i686 Organization: NIC France X-URL: http://www.nic.fr/ User-Agent: Mutt/1.5.18 (2008-05-17) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Thu, Mar 05, 2009 at 11:07:58AM +0100, Stephane Bortzmeyer wrote a message of 17 lines which said: > I cannot find the start of this discussion. Ah, OK, IETF general mailing list. Wrong sorting. Sorry for the noise. [May be I should rewrite my sorting rules from procmail to a proper IETF standard, Sieve, in order to get rid of the accumulated cruft.] -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Mar 5 03:37:31 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 776683A6A84; Thu, 5 Mar 2009 03:37:31 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.552 X-Spam-Level: X-Spam-Status: No, score=-102.552 tagged_above=-999 required=5 tests=[AWL=0.047, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dvdXBAfyllEq; Thu, 5 Mar 2009 03:37:30 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id B315B3A69FA; Thu, 5 Mar 2009 03:37:30 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfBnq-000FH3-St for namedroppers-data0@psg.com; Thu, 05 Mar 2009 11:31:50 +0000 Received: from [2001:14b8:400::130] (helo=smtp.piuha.net) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfBnl-000FGg-5j for namedroppers@ops.ietf.org; Thu, 05 Mar 2009 11:31:47 +0000 Received: from smtp.piuha.net (localhost [127.0.0.1]) by smtp.piuha.net (Postfix) with ESMTP id 63BA7198710; Thu, 5 Mar 2009 13:31:43 +0200 (EET) Received: from [127.0.0.1] (unknown [IPv6:2001:14b8:400::130]) by smtp.piuha.net (Postfix) with ESMTP id 28C0119866C; Thu, 5 Mar 2009 13:31:43 +0200 (EET) Message-ID: <49AFB80F.2080700@piuha.net> Date: Thu, 05 Mar 2009 12:31:27 +0100 From: Jari Arkko User-Agent: Thunderbird 2.0.0.19 (X11/20090105) MIME-Version: 1.0 To: Tony Finch CC: namedroppers@ops.ietf.org, ietf@ietf.org, 6man Chairs <6man-chairs@tools.ietf.org> Subject: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems References: <20090304145901.GC6574@shinkuro.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV using ClamSMTP Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: 6MAN WG is working on this. Jari -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From augusto.ballerio@is-teledata.com Thu Mar 5 04:30:56 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4DAD43A692D; Thu, 5 Mar 2009 04:30:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 2.466 X-Spam-Level: ** X-Spam-Status: No, score=2.466 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_BLUEYON=1.4, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX_NOV5A=1.062, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LsIcNOZduoIQ; Thu, 5 Mar 2009 04:30:55 -0800 (PST) Received: from 92-232-226-106.cable.ubr08.shef.blueyonder.co.uk (92-232-226-106.cable.ubr08.shef.blueyonder.co.uk [92.232.226.106]) by core3.amsl.com (Postfix) with SMTP id 581CA3A6AF2; Thu, 5 Mar 2009 04:30:47 -0800 (PST) X-Originating-IP: 152.96.176.204 by 94.215.156.88; Thu, 05 Mar 2009 10:26:17 -0200 Message-ID: From: "Marguerite Bird" To: "Maura Cooper" Subject: Girls will love this Franck Muller watch Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Date: Thu, 05 Mar 2009 07:31:17 -0500 What's the fastest way to a lover's heart? A beautiful and stylish designer watch! http://rxcollusive.cn The watch of your dreams doesn't have to be an overpriced piece of machinery. Nowadays you can get the same functionality and distinctive looks from the next best thing. Visit Exquisite Reps and choose from hundreds of gorgeous models at less than ten percent the price of an original. http://rxcollusive.cn Enjoy the fastest shipping around, paired with secure billing, incredible customer service and the largest online selection of fine reproduction timepieces only at Exquisite Reps, of course! From owner-namedroppers@ops.ietf.org Thu Mar 5 05:40:10 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B50543A6A13; Thu, 5 Mar 2009 05:40:10 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.251 X-Spam-Level: X-Spam-Status: No, score=-4.251 tagged_above=-999 required=5 tests=[AWL=-0.952, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iMmG-Ni8p-6y; Thu, 5 Mar 2009 05:40:09 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id BA4763A679C; Thu, 5 Mar 2009 05:40:09 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfDip-0001XI-1e for namedroppers-data0@psg.com; Thu, 05 Mar 2009 13:34:47 +0000 Received: from [131.111.8.137] (helo=ppsw-7.csi.cam.ac.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfDii-0001WY-Dj for namedroppers@ops.ietf.org; Thu, 05 Mar 2009 13:34:43 +0000 X-Cam-AntiVirus: no malware found X-Cam-SpamDetails: not scanned X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/ Received: from hermes-2.csi.cam.ac.uk ([131.111.8.54]:43433) by ppsw-7.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.157]:25) with esmtpa (EXTERNAL:fanf2) id 1LfDif-0000mK-Nx (Exim 4.70) (return-path ); Thu, 05 Mar 2009 13:34:37 +0000 Received: from fanf2 (helo=localhost) by hermes-2.csi.cam.ac.uk (hermes.cam.ac.uk) with local-esmtp id 1LfDif-0006PC-DJ (Exim 4.67) (return-path ); Thu, 05 Mar 2009 13:34:37 +0000 Date: Thu, 5 Mar 2009 13:34:37 +0000 From: Tony Finch X-X-Sender: fanf2@hermes-2.csi.cam.ac.uk To: Paul Vixie cc: =?ISO-8859-2?Q?Ond=F8ej_Sur=FD?= , ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: <41007.1236204089@nsa.vix.com> Message-ID: References: <20563.1236179832@nsa.vix.com> <36372.1236198273@nsa.vix.com> <41007.1236204089@nsa.vix.com> User-Agent: Alpine 2.00 (LSU 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Wed, 4 Mar 2009, Paul Vixie wrote: > only in the case where the server is depending on rr ordering within > rrsets, which dns has never guaranteed and which many caches (both rdns > and stubs) randomize or reorder anyway, and where the server's > imputation of topology knows about every private interconnect that may > affect client performance, would RFC 3484 do harm. No, it does harm when the servers are depending on RRsets being DISordered. Tony. -- f.anthony.n.finch http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From mickael.henry@airbus.com Thu Mar 5 06:42:56 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0C3E83A6964 for ; Thu, 5 Mar 2009 06:42:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.556 X-Spam-Level: X-Spam-Status: No, score=-14.556 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_I_LETTER=-2, HELO_EQ_DE=0.35, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UAqGQ3cFFEPN for ; Thu, 5 Mar 2009 06:42:50 -0800 (PST) Received: from i577B4F75.versanet.de (i577B4F75.versanet.de [87.123.79.117]) by core3.amsl.com (Postfix) with SMTP id 4B3113A6809 for ; Thu, 5 Mar 2009 06:42:48 -0800 (PST) To: Subject: Check out hot deals From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090305144249.4B3113A6809@core3.amsl.com> Date: Thu, 5 Mar 2009 06:42:48 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.quietleads.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://quietleads.com/faq.php

Privacy Statement | Terms & Conditions | Contact

KEYWORD Ltd.
Tower Bridge Business Complex. Unit 4, B719. 385 Clements Road. London. SE02 6DG

© 2006-2008 KEYWORD, Ltd. All Rights Reserved

From owner-namedroppers@ops.ietf.org Thu Mar 5 10:06:59 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2F52C28C494; Thu, 5 Mar 2009 10:06:59 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.567 X-Spam-Level: X-Spam-Status: No, score=-3.567 tagged_above=-999 required=5 tests=[AWL=1.032, BAYES_00=-2.599, GB_I_LETTER=-2] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gLdwEILf1FMw; Thu, 5 Mar 2009 10:06:58 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 3611E28C4DE; Thu, 5 Mar 2009 10:06:58 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfHrX-000PX7-03 for namedroppers-data0@psg.com; Thu, 05 Mar 2009 18:00:03 +0000 Received: from [2001:4f8:3:bb:230:48ff:fe5a:2f38] (helo=nsa.vix.com) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfHrN-000PTH-4G for namedroppers@ops.ietf.org; Thu, 05 Mar 2009 17:59:56 +0000 Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id 61102A1018; Thu, 5 Mar 2009 17:59:52 +0000 (UTC) (envelope-from vixie@nsa.vix.com) From: Paul Vixie To: Florian Weimer cc: Tony Finch , namedroppers@ops.ietf.org, ietf@ietf.org Subject: Re: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: Your message of "Thu, 05 Mar 2009 10:54:43 +0100." <823adswazg.fsf@mid.bfk.de> References: <20090304145901.GC6574@shinkuro.com> <25201.1236185908@nsa.vix.com> <37326.1236199403@nsa.vix.com> <823adswazg.fsf@mid.bfk.de> X-Mailer: MH-E 8.1; nil; GNU Emacs 22.2.1 Date: Thu, 05 Mar 2009 17:59:52 +0000 Message-ID: <93327.1236275992@nsa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > > some number of vendors have depended on revenue from selling this > > feature but i'd say that only a small number of sites ever saw any > > benefit from it. > > pool.ntp.org, security.debian.org, rsync.gentoo.org, > [a-o].ns.spamhaus.org, [a-n].surbl.org. In general the "large RRset" > approach is used by those who do not buy special DNS appliance to serve > their zones, I think. i'm not sure we're in the same discussion. pool.ntp.org is using short ttl and silent truncation and round robin. there's no geo-ip stability that could be hurt by client-side reordering or rerandomizing. and the nameserver examples you gave are all subject to rdns RTT sorting. the "large RRset" approach works just fine, and is not related to Rule 9. > Many CDNs also serve multiple addresses selected from a larger pool, > probably based on network topology and server load/availability. and they have to use drastically low TTL's to prevent mobility from breaking their assumptions. and they have no way to cope with opendns or any other global or semi-coherent caching layer. and even when they use TTL=0 and happen to be talking to an rdns who shares topology with the stub, they're making an educated guess without knowing what kinds of wormholes the stub may have access to, whether VPN, private interconnects that don't show up in global BGP, or whatever. i've been calling server-side policy-driven rewriting "stupid DNS tricks" (after david letterman's "stupid pet and human tricks") since 1994 or so, and nothing i've seen has made me suspect that i might have been wrong. it's a pity i'm not on the ietf mailing list. folks there are not getting any of this text, so it must look like a one-sided debate over there. can someone with posting rights on ietf@ietf.org plz fwd a copy of this there? -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Mar 5 10:07:08 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5B58828C4DF; Thu, 5 Mar 2009 10:07:08 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.607 X-Spam-Level: X-Spam-Status: No, score=-2.607 tagged_above=-999 required=5 tests=[AWL=-0.008, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m69XWKj6gy6W; Thu, 5 Mar 2009 10:07:07 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 8CF2928C494; Thu, 5 Mar 2009 10:07:07 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfHtQ-000PuI-3n for namedroppers-data0@psg.com; Thu, 05 Mar 2009 18:02:00 +0000 Received: from [2001:4f8:3:bb:230:48ff:fe5a:2f38] (helo=nsa.vix.com) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfHtH-000Ptm-8p for namedroppers@ops.ietf.org; Thu, 05 Mar 2009 18:01:53 +0000 Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id E6EF2A1022; Thu, 5 Mar 2009 18:01:50 +0000 (UTC) (envelope-from vixie@nsa.vix.com) From: Paul Vixie To: Tony Finch cc: =?ISO-8859-2?Q?Ond=F8ej_Sur=FD?= , ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: Your message of "Thu, 05 Mar 2009 13:34:37 GMT." References: <20563.1236179832@nsa.vix.com> <36372.1236198273@nsa.vix.com> <41007.1236204089@nsa.vix.com> X-Mailer: MH-E 8.1; nil; GNU Emacs 22.2.1 Date: Thu, 05 Mar 2009 18:01:50 +0000 Message-ID: <93444.1236276110@nsa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > > only in the case where the server is depending on rr ordering within > > rrsets, which dns has never guaranteed and which many caches (both rdns > > and stubs) randomize or reorder anyway, and where the server's > > imputation of topology knows about every private interconnect that may > > affect client performance, would RFC 3484 do harm. > > No, it does harm when the servers are depending on RRsets being DISordered. so the policy you're arguing for is that clients should always randomize? -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Mar 5 10:12:18 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7544728C361; Thu, 5 Mar 2009 10:12:18 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.241 X-Spam-Level: X-Spam-Status: No, score=-4.241 tagged_above=-999 required=5 tests=[AWL=-0.942, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KJfZnkyN5ASi; Thu, 5 Mar 2009 10:12:17 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 7CEE628C494; Thu, 5 Mar 2009 10:12:17 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfHz1-0000OO-S2 for namedroppers-data0@psg.com; Thu, 05 Mar 2009 18:07:47 +0000 Received: from [131.111.8.130] (helo=ppsw-0.csi.cam.ac.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfHys-0000NQ-Oi for namedroppers@ops.ietf.org; Thu, 05 Mar 2009 18:07:45 +0000 X-Cam-AntiVirus: no malware found X-Cam-SpamDetails: not scanned X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/ Received: from hermes-2.csi.cam.ac.uk ([131.111.8.54]:35183) by ppsw-0.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.150]:25) with esmtpa (EXTERNAL:fanf2) id 1LfHyp-0007AO-2t (Exim 4.70) (return-path ); Thu, 05 Mar 2009 18:07:35 +0000 Received: from fanf2 (helo=localhost) by hermes-2.csi.cam.ac.uk (hermes.cam.ac.uk) with local-esmtp id 1LfHyp-0001k3-SO (Exim 4.67) (return-path ); Thu, 05 Mar 2009 18:07:35 +0000 Date: Thu, 5 Mar 2009 18:07:35 +0000 From: Tony Finch X-X-Sender: fanf2@hermes-2.csi.cam.ac.uk To: Paul Vixie cc: =?ISO-8859-2?Q?Ond=F8ej_Sur=FD?= , ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: <93444.1236276110@nsa.vix.com> Message-ID: References: <20563.1236179832@nsa.vix.com> <36372.1236198273@nsa.vix.com> <41007.1236204089@nsa.vix.com> <93444.1236276110@nsa.vix.com> User-Agent: Alpine 2.00 (LSU 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Thu, 5 Mar 2009, Paul Vixie wrote: > > so the policy you're arguing for is that clients should always randomize? When the client has topology information it should follow that (i.e. rules 1 - 8). When it doesn't have topology information it should use the order it gets from the DNS (i.e. rule 10, and historical practice). This lets the client's recursive server do whatever it thinks is sensible with the RRset, which is usually round-robin balancing. Tony. -- f.anthony.n.finch http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Mar 5 11:08:38 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 26FB028C495; Thu, 5 Mar 2009 11:08:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.606 X-Spam-Level: X-Spam-Status: No, score=-2.606 tagged_above=-999 required=5 tests=[AWL=-0.007, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id At+IsYL+LHqv; Thu, 5 Mar 2009 11:08:37 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 1CC5228C453; Thu, 5 Mar 2009 11:08:37 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfIqq-0004u5-7Z for namedroppers-data0@psg.com; Thu, 05 Mar 2009 19:03:24 +0000 Received: from [2001:4f8:3:bb:230:48ff:fe5a:2f38] (helo=nsa.vix.com) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfIqk-0004tU-4p for namedroppers@ops.ietf.org; Thu, 05 Mar 2009 19:03:20 +0000 Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id A601FA1042; Thu, 5 Mar 2009 19:03:17 +0000 (UTC) (envelope-from vixie@nsa.vix.com) From: Paul Vixie To: Tony Finch cc: =?ISO-8859-2?Q?Ond=F8ej_Sur=FD?= , ietf@ietf.org, namedroppers@ops.ietf.org Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: Your message of "Thu, 05 Mar 2009 18:07:35 GMT." References: <20563.1236179832@nsa.vix.com> <36372.1236198273@nsa.vix.com> <41007.1236204089@nsa.vix.com> <93444.1236276110@nsa.vix.com> X-Mailer: MH-E 8.1; nil; GNU Emacs 22.2.1 Date: Thu, 05 Mar 2009 19:03:17 +0000 Message-ID: <96526.1236279797@nsa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > > so the policy you're arguing for is that clients should always randomize? > > When the client has topology information it should follow that (i.e. rules > 1 - 8). When it doesn't have topology information it should use the order > it gets from the DNS (i.e. rule 10, and historical practice). This lets > the client's recursive server do whatever it thinks is sensible with the > RRset, which is usually round-robin balancing. i can live with that. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From butlermv@ihupt.org Fri Mar 6 02:22:02 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9CE0C3A6C22; Fri, 6 Mar 2009 02:22:02 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -66.446 X-Spam-Level: X-Spam-Status: No, score=-66.446 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DRUGS_ERECTILE=1, DRUGS_ERECTILE_OBFU=1.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, FR_M_E_D_S=10.357, FUZZY_VPILL=0.687, HELO_DYNAMIC_IPADDR=2.426, J_CHICKENPOX_14=0.6, MANGLED_MEDS=2.3, MANGLED_VIAGRA=2.5, RCVD_IN_PBL=0.905, RDNS_DYNAMIC=0.1, SARE_OBFU_VIAGRA=1.666, TT_OBSCURED_VIAGRA=1.652, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4RVwg-WmTLlc; Fri, 6 Mar 2009 02:22:01 -0800 (PST) Received: from host86-163-171-85.range86-163.btcentralplus.com (host86-163-171-85.range86-163.btcentralplus.com [86.163.171.85]) by core3.amsl.com (Postfix) with SMTP id 07C603A6991; Fri, 6 Mar 2009 02:21:36 -0800 (PST) Message-ID: <5735dl1269376lowpan-request@lists.ietf.org> From: "Eli Hooker" <6lowpan-request@lists.ietf.org> To: "Darrel Merrill" <6lowpan-request@lists.ietf.org> X-Originating-IP: 215.118.117.182 by 138.55.192.18; Fri, 06 Mar 2009 12:21:09 +0200 Subject: Your V1agra 0rder #24695 Date: Fri, 06 Mar 2009 05:22:09 -0500 Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Dear Antoinette, All the c0n trolled m e d s you search for at one place http://hendersonpisuj88.angelfire.com/Index.html From owner-namedroppers@ops.ietf.org Fri Mar 6 05:24:28 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 462413A6C27; Fri, 6 Mar 2009 05:24:28 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.147 X-Spam-Level: X-Spam-Status: No, score=-102.147 tagged_above=-999 required=5 tests=[AWL=0.453, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RJSYcKZFPdjQ; Fri, 6 Mar 2009 05:24:27 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 62C483A68F0; Fri, 6 Mar 2009 05:24:27 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfZu1-000HHF-8R for namedroppers-data0@psg.com; Fri, 06 Mar 2009 13:15:49 +0000 Received: from [2001:1890:1112:1::20] (helo=mail.ietf.org) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfZtl-000HG4-Jz for namedroppers@ops.ietf.org; Fri, 06 Mar 2009 13:15:36 +0000 Received: by core3.amsl.com (Postfix, from userid 0) id D73FC3A6C21; Fri, 6 Mar 2009 05:15:01 -0800 (PST) From: Internet-Drafts@ietf.org To: i-d-announce@ietf.org Cc: namedroppers@ops.ietf.org Subject: [dnsext] I-D Action:draft-ietf-dnsext-rfc2672bis-dname-15.txt Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 Message-Id: <20090306131501.D73FC3A6C21@core3.amsl.com> Date: Fri, 6 Mar 2009 05:15:01 -0800 (PST) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the DNS Extensions Working Group of the IETF. Title : Update to DNAME Redirection in the DNS Author(s) : S. Rose, W. Wijngaards Filename : draft-ietf-dnsext-rfc2672bis-dname-15.txt Pages : 18 Date : 2009-03-06 The DNAME record provides redirection for a sub-tree of the domain name tree in the DNS system. That is, all names that end with a particular suffix are redirected to another part of the DNS. This is a revision of the original specification in RFC 2672, also aligning RFC 3363 and RFC 4294 with this revision. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dnsext-rfc2672bis-dname-15.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Message/External-body; name="draft-ietf-dnsext-rfc2672bis-dname-15.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2009-03-06050149.I-D@ietf.org> --NextPart-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 6 08:23:55 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8A1803A680A; Fri, 6 Mar 2009 08:23:55 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.564 X-Spam-Level: X-Spam-Status: No, score=-0.564 tagged_above=-999 required=5 tests=[AWL=-0.964, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_INFO=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bEssEva8sLTC; Fri, 6 Mar 2009 08:23:54 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id AEC8C3A6784; Fri, 6 Mar 2009 08:23:54 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LfclF-0003qb-Q2 for namedroppers-data0@psg.com; Fri, 06 Mar 2009 16:18:57 +0000 Received: from [208.86.224.201] (helo=mail.yitter.info) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lfcl9-0003pi-4z for namedroppers@ops.ietf.org; Fri, 06 Mar 2009 16:18:55 +0000 Received: from crankycanuck.ca (69-196-144-230.dsl.teksavvy.com [69.196.144.230]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.yitter.info (Postfix) with ESMTPSA id B648F2FEA556 for ; Fri, 6 Mar 2009 16:18:49 +0000 (UTC) Date: Fri, 6 Mar 2009 11:18:48 -0500 From: Andrew Sullivan To: namedroppers@ops.ietf.org Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-rfc2672bis-dname-15.txt Message-ID: <20090306161847.GD12711@shinkuro.com> References: <20090306131501.D73FC3A6C21@core3.amsl.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20090306131501.D73FC3A6C21@core3.amsl.com> User-Agent: Mutt/1.5.18 (2008-05-17) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Fri, Mar 06, 2009 at 05:15:01AM -0800, Internet-Drafts@ietf.org wrote: > Title : Update to DNAME Redirection in the DNS > Author(s) : S. Rose, W. Wijngaards > Filename : draft-ietf-dnsext-rfc2672bis-dname-15.txt > Pages : 18 > Date : 2009-03-06 Dear colleagues, This version is an attempt to address the issues that cropped up during the WGLC some time ago. My apologies for having taken so long to process the comments and see whether the editors (who did the work promptly) have addressed them. In my opinion, Scott and Wouter have addressed the issues raised during last call. If you raised issues, please check to make sure that you agree this document addresses them. Best regards, Andrew -- Andrew Sullivan ajs@shinkuro.com Shinkuro, Inc. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From chaiwat@wonjinco.com Fri Mar 6 16:44:06 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D87313A6900; Fri, 6 Mar 2009 16:44:06 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -48.596 X-Spam-Level: X-Spam-Status: No, score=-48.596 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DRUGS_ANXIETY=0.01, DRUGS_ANXIETY_OBFU=1, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, FRT_VALIUM1=10.357, FRT_VALIUM2=2.643, FR_M_E_D_S=10.357, FUZZY_VLIUM=0.001, HELO_DYNAMIC_DHCP=1.398, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_CPE=0.5, HOST_EQ_CPE=0.979, J_CHICKENPOX_32=0.6, MANGLED_MEDS=2.3, MANGLED_VALIUM=2.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_OBFU_PART_IUM=0.978, SARE_OBFU_VALIUM=1.666, TT_OBSCURED_VALIUM=0.913, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UxueTulDk1Hx; Fri, 6 Mar 2009 16:44:06 -0800 (PST) Received: from cpe-76-188-244-167.neo.res.rr.com (cpe-76-188-244-167.neo.res.rr.com [76.188.244.167]) by core3.amsl.com (Postfix) with SMTP id E91CD3A6AD0; Fri, 6 Mar 2009 16:44:01 -0800 (PST) Message-ID: <719sp7256lowpan-request@lists.ietf.org> From: "Yolanda Emery" <6lowpan-request@lists.ietf.org> To: "Raul Knight" <6lowpan-request@lists.ietf.org> X-Originating-IP: 192.104.137.32 by 95.80.143.192; Fri, 06 Mar 2009 18:35:34 -0600 Subject: Re: Your Val1um 0rder #431067 Date: Fri, 06 Mar 2009 19:44:34 -0500 Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Dear Eldon, All the c0n trolled m e d s you search for at one place http://perrybajiv68.angelfire.com/Index.html From owner-namedroppers@ops.ietf.org Sat Mar 7 11:01:40 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7E8D228C13C; Sat, 7 Mar 2009 11:01:40 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.546 X-Spam-Level: X-Spam-Status: No, score=-5.546 tagged_above=-999 required=5 tests=[AWL=-0.498, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rv4NnOo0uiKa; Sat, 7 Mar 2009 11:01:39 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 651B03A6B60; Sat, 7 Mar 2009 11:01:39 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lg1eV-0004KW-Pm for namedroppers-data0@psg.com; Sat, 07 Mar 2009 18:53:39 +0000 Received: from [163.117.176.131] (helo=smtp01.uc3m.es) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lg1eP-0004K8-RA for namedroppers@ops.ietf.org; Sat, 07 Mar 2009 18:53:36 +0000 Received: from marcelo-bagnulos-macbook-pro.local (81.pool85-53-139.dynamic.orange.es [85.53.139.81]) by smtp01.uc3m.es (Postfix) with ESMTP id 11F82B4D78D for ; Sat, 7 Mar 2009 19:53:30 +0100 (CET) Message-ID: <49B2C2A9.10404@it.uc3m.es> Date: Sat, 07 Mar 2009 19:53:29 +0100 From: marcelo bagnulo braun User-Agent: Thunderbird 2.0.0.19 (Macintosh/20081209) MIME-Version: 1.0 To: namedroppers@ops.ietf.org Subject: [dnsext] [Fwd: I-D Action:draft-bagnulo-behave-dns64-02.txt] Content-Type: multipart/mixed; boundary="------------060503000502000507030302" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: This is a multi-part message in MIME format. --------------060503000502000507030302 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit We posted a new version of dns64 This version tries to reflect the feedback we got from the dns community, especially in the DNSSEC part feedback is welcome -------- Mensaje original -------- Asunto: I-D Action:draft-bagnulo-behave-dns64-02.txt Fecha: Sat, 7 Mar 2009 10:45:01 -0800 (PST) De: Internet-Drafts@ietf.org Responder a: internet-drafts@ietf.org Para: i-d-announce@ietf.org A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : DNS64: DNS extensions for Network Address Translation from IPv6 Clients to IPv4 Servers Author(s) : M. Bagnulo, et al. Filename : draft-bagnulo-behave-dns64-02.txt Pages : 27 Date : 2009-03-07 DNS64 is a mechanism for synthesizing AAAA records from A records. DNS64 is used with NAT64, an IPv6 IPv4 translator to enable client- server communication between an IPv6-only client and an IPv4-only server, without requiring any changes to either the IPv6 or the IPv4 node, for the class of applications that work through NATs. This document specifies DNS64, and provides suggestions on how it should be deployed in conjunction with NAT64. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-bagnulo-behave-dns64-02.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --------------060503000502000507030302 Content-Type: Message/External-body; name="draft-bagnulo-behave-dns64-02.txt" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="draft-bagnulo-behave-dns64-02.txt" Content-Type: text/plain Content-ID: <2009-03-07103756.I-D@ietf.org> --------------060503000502000507030302 Content-Type: text/plain; name="Parte del mensaje adjunto" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="Parte del mensaje adjunto" _______________________________________________ I-D-Announce mailing list I-D-Announce@ietf.org https://www.ietf.org/mailman/listinfo/i-d-announce Internet-Draft directories: http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt --------------060503000502000507030302-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From levesque_diane@videotron.ca Sat Mar 7 15:00:04 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 74A843A6A95; Sat, 7 Mar 2009 15:00:04 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -80.51 X-Spam-Level: X-Spam-Status: No, score=-80.51 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, J_CHICKENPOX_44=0.6, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX_NOV5A=1.062, SARE_SPEC_ROLEX_NOV5F=0.666, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4fOlNbtUY7eq; Sat, 7 Mar 2009 15:00:03 -0800 (PST) Received: from c-76-121-219-8.hsd1.wa.comcast.net (c-76-121-219-8.hsd1.wa.comcast.net [76.121.219.8]) by core3.amsl.com (Postfix) with SMTP id 826703A67F9; Sat, 7 Mar 2009 14:59:59 -0800 (PST) Message-ID: X-Originating-IP: 81.44.224.195 by 174.200.156.97; Sun, 08 Mar 2009 01:55:31 +0300 To: "Ginger Velasquez" From: "German Arredondo" Date: Sat, 07 Mar 2009 18:00:31 -0500 Subject: Rep watches make great gifts Content-Type: text/plain; Content-Transfer-Encoding: 7Bit So you thought owning a brand name watch was out of your reach? Think again! http://hendersonvecov46.angelfire.com/Index.html So, come visit Exqu1site Reps, the famous watch-portal where thousands of satisfied customers have already found that superb imitation time piece for just a few hundred dollars. http://hendersonvecov46.angelfire.com/Index.html Don't delay your pleasure: our incredible watch collection awaits you at Exqu1site Reps, so come visit us now! From wilfried.drijboomf@telus.com Sat Mar 7 15:56:24 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 60C983A6AC5; Sat, 7 Mar 2009 15:56:24 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -68.086 X-Spam-Level: X-Spam-Status: No, score=-68.086 tagged_above=-999 required=5 tests=[BAYES_95=3, FH_HELO_EQ_CHARTER=2.175, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HOST_EQ_CHARTER=1.295, HOST_EQ_DHCP=1.295, J_CHICKENPOX_44=0.6, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX_NOV5A=1.062, TVD_RCVD_IP=1.931, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i9k+SxV8Ff9V; Sat, 7 Mar 2009 15:56:23 -0800 (PST) Received: from 75-131-86-43.dhcp.thbd.la.charter.com (75-131-86-43.dhcp.thbd.la.charter.com [75.131.86.43]) by core3.amsl.com (Postfix) with SMTP id 3CB423A677C; Sat, 7 Mar 2009 15:56:19 -0800 (PST) From: "Julian Busby" To: "Delmar Herring" Subject: Emporio Armani cheaper than you could imagine! Date: Sat, 07 Mar 2009 18:56:55 -0500 Message-ID: <270Xhqqdd.x602I0185aaa-archive@lists.ietf.org> Content-Type: text/plain; Content-Transfer-Encoding: 7Bit There's no time like the present, and isn't it time you got yourself a beautiful designer watch? http://sandersvezic5.angelfire.com/Index.html So, come visit Exqu1site Reps, the famous watch-portal where thousands of satisfied customers have already found that superb imitation time piece for just a few hundred dollars. http://sandersvezic5.angelfire.com/Index.html Don't delay your pleasure: our incredible watch collection awaits you at Exqu1site Reps, so come visit us now! From rjb@dobil.com Sun Mar 8 04:09:31 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 63BF23A6AC9; Sun, 8 Mar 2009 04:09:31 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -87.36 X-Spam-Level: X-Spam-Status: No, score=-87.36 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_EQ_RU=0.595, HOST_EQ_RU=0.875, HOST_EQ_STATIC=1.172, J_CHICKENPOX_44=0.6, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fgh6-0udgOPz; Sun, 8 Mar 2009 04:09:30 -0700 (PDT) Received: from oska.static.corbina.ru (oska.static.corbina.ru [78.107.233.89]) by core3.amsl.com (Postfix) with SMTP id DE4FB3A6A48; Sun, 8 Mar 2009 04:09:23 -0700 (PDT) To: "Kristen Hart" Date: Sun, 08 Mar 2009 07:09:59 -0500 Subject: Looking for a rep watch? Message-ID: From: "Kerry Penn" Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Money is tight, times are hard. Christmas is over. Time to get a new Watch! http://gonzalezpilaq96.angelfire.com/Index.html Take advantage of Exqu1site Reps tremendous specials, and get yourself a superb designer watch imitation for just a couple of hundred bucks. Plus an extra 15 percent discount when you get two time pieces in the same purchase! http://gonzalezpilaq96.angelfire.com/Index.html Check out our extensive inventory and enjoy the fastest shipping available online! See you at Exqu1site Reps! From bibbib77@ms55.hinet.net Sun Mar 8 12:45:32 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 67AFB28C104; Sun, 8 Mar 2009 12:45:32 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -70.146 X-Spam-Level: X-Spam-Status: No, score=-70.146 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DNS_FROM_AHBL_RHSBL=0.692, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HELO_DYNAMIC_IPADDR2=4.395, HELO_DYNAMIC_SPLIT_IP=3.493, HELO_EQ_DE=0.35, HELO_EQ_DYNAMIC=1.144, HELO_EQ_IP_ADDR=1.119, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, J_CHICKENPOX_44=0.6, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RCVD_NUMERIC_HELO=2.067, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX_NOV5A=1.062, TVD_RCVD_IP=1.931, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nknWHw4VDBVX; Sun, 8 Mar 2009 12:45:31 -0700 (PDT) Received: from 77.47.108.3.dynamic.cablesurf.de (77.47.108.3.dynamic.cablesurf.de [77.47.108.3]) by core3.amsl.com (Postfix) with SMTP id F1FD43A6915; Sun, 8 Mar 2009 12:45:27 -0700 (PDT) From: "Miguel Moses" To: "Sammy Jeffers" Subject: IWC better than you could imagine! Date: Sun, 08 Mar 2009 15:46:03 -0500 Message-ID: <80Kpfe.s23O2745aaa-archive@lists.ietf.org> Content-Type: text/plain; Content-Transfer-Encoding: 7Bit There are things in life that seem unattainable. Owning a fine watch doesn't have to be one of them. http://griffinfoxym25.angelfire.com/Index.html Take advantage of Exqu1site Reps tremendous specials, and get yourself a superb designer watch imitation for just a couple of hundred bucks. Plus an extra 15 percent discount when you get two time pieces in the same purchase! http://griffinfoxym25.angelfire.com/Index.html Click here now and enjoy our fast shipping and safe billing method while getting the most realistic look on a fine reproduction timepiece. From owner-namedroppers@ops.ietf.org Sun Mar 8 21:32:08 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CBA343A6A4C; Sun, 8 Mar 2009 21:32:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.589 X-Spam-Level: X-Spam-Status: No, score=-0.589 tagged_above=-999 required=5 tests=[AWL=-0.151, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i0-1jSc3tXeY; Sun, 8 Mar 2009 21:32:08 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id B26583A67A2; Sun, 8 Mar 2009 21:32:07 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LgX38-0003q6-Hk for namedroppers-data0@psg.com; Mon, 09 Mar 2009 04:25:10 +0000 Received: from [208.218.130.12] (helo=gis.net) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LgX32-0003po-8h for namedroppers@ops.ietf.org; Mon, 09 Mar 2009 04:25:07 +0000 Received: from [127.0.0.1] ([63.209.224.130]) by mx04.gis.net; Mon, 09 Mar 2009 00:24:39 -0400 Message-ID: <49B49A19.7090805@gis.net> Date: Mon, 09 Mar 2009 00:24:57 -0400 From: Danny Mayer Reply-To: mayer@gis.net User-Agent: Thunderbird 2.0.0.19 (Windows/20081209) MIME-Version: 1.0 To: Paul Vixie CC: Florian Weimer , Tony Finch , namedroppers@ops.ietf.org, ietf@ietf.org Subject: Re: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems References: <20090304145901.GC6574@shinkuro.com> <25201.1236185908@nsa.vix.com> <37326.1236199403@nsa.vix.com> <823adswazg.fsf@mid.bfk.de> <93327.1236275992@nsa.vix.com> In-Reply-To: <93327.1236275992@nsa.vix.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Paul Vixie wrote: >>> some number of vendors have depended on revenue from selling this >>> feature but i'd say that only a small number of sites ever saw any >>> benefit from it. >> pool.ntp.org, security.debian.org, rsync.gentoo.org, >> [a-o].ns.spamhaus.org, [a-n].surbl.org. In general the "large RRset" >> approach is used by those who do not buy special DNS appliance to serve >> their zones, I think. > > i'm not sure we're in the same discussion. pool.ntp.org is using short > ttl and silent truncation and round robin. there's no geo-ip stability > that could be hurt by client-side reordering or rerandomizing. and the > nameserver examples you gave are all subject to rdns RTT sorting. the > "large RRset" approach works just fine, and is not related to Rule 9. > pool.ntp.org divides itself up into subdomains (okay they are really hostnames) for each country-code so that you get addresses in that country code. NTP in the future will take advantage of the fact that it gets back multiple addresses and will use more than just one of them to find NTP servers. The order does not really matter and it's better that there be no particular order so that we do not overload any one server. Danny -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Sun Mar 8 23:44:37 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0F5FC3A69FF; Sun, 8 Mar 2009 23:44:37 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.247 X-Spam-Level: X-Spam-Status: No, score=-2.247 tagged_above=-999 required=5 tests=[AWL=-1.052, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E9ErzgOCQrFk; Sun, 8 Mar 2009 23:44:35 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 89E3D3A69CA; Sun, 8 Mar 2009 23:44:35 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LgZ8d-000BIL-NY for namedroppers-data0@psg.com; Mon, 09 Mar 2009 06:38:59 +0000 Received: from [216.52.237.208] (helo=x8.develooper.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LgZ8N-000BHq-Cv for namedroppers@ops.ietf.org; Mon, 09 Mar 2009 06:38:56 +0000 Received: (qmail 31924 invoked from network); 9 Mar 2009 06:38:42 -0000 Received: from gw.develooper.com (HELO embla.bn.dev) (ask@mail.dev@64.81.84.140) by smtp.develooper.com with ESMTPA; 9 Mar 2009 06:38:42 -0000 Cc: Paul Vixie , Florian Weimer , Tony Finch , namedroppers@ops.ietf.org, ietf@ietf.org Message-Id: <30A508ED-E5E9-4C0C-AF66-DEE0F65229B0@develooper.com> From: =?ISO-8859-1?Q?Ask_Bj=F8rn_Hansen?= To: mayer@gis.net In-Reply-To: <49B49A19.7090805@gis.net> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v930.3) Subject: Re: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems Date: Sun, 8 Mar 2009 23:38:41 -0700 References: <20090304145901.GC6574@shinkuro.com> <25201.1236185908@nsa.vix.com> <37326.1236199403@nsa.vix.com> <823adswazg.fsf@mid.bfk.de> <93327.1236275992@nsa.vix.com> <49B49A19.7090805@gis.net> X-Mailer: Apple Mail (2.930.3) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Mar 8, 2009, at 21:24, Danny Mayer wrote: >> i'm not sure we're in the same discussion. pool.ntp.org is using >> short >> ttl and silent truncation and round robin. there's no geo-ip >> stability >> that could be hurt by client-side reordering or rerandomizing. and >> the >> nameserver examples you gave are all subject to rdns RTT sorting. >> the >> "large RRset" approach works just fine, and is not related to Rule 9. >> > > pool.ntp.org divides itself up into subdomains (okay they are really > hostnames) for each country-code so that you get addresses in that > country code. NTP in the future will take advantage of the fact that > it > gets back multiple addresses and will use more than just one of them > to > find NTP servers. The order does not really matter and it's better > that > there be no particular order so that we do not overload any one > server. Hi everyone, Funny the NTP Pool was brought up as an example. I'm looking after pool.ntp.org and I actually subscribed earlier in the week to comment on the round robin issue. :-) It's a little more complicated than what Paul described above (although it worked like that until ~2005 when I took over maintaining the system). When you query pool.ntp.org (or 1.pool.ntp.org etc), the DNS server does the "IP to geo-location" thing to automatically select the "sub- zone". You can also explicitly ask for the sub-zone with 0.us.pool.ntp.org, 0.north-america.pool.ntp.org, etc. Paul is right that there's no problems with geo-stability because the DNS server will generally just give you servers from one area anyway; but we can get hurt by dumb re-ordering. For distributing the load[1] we depend on clients making mostly random picks when receiving multiple A records. Within each "zone" we have anywhere from a dozen to 1000+ servers[2]. The DNS server will return a list of A records weighted by the bandwidth the server administrator have told us they have. This is absolutely crucial. Before I implemented the current system, we just used a frequently updated zone with rotating A records and once or twice a day server operators with a small pipe (say a T1) or a small scale "router" would get overloaded enough that they'd leave the pool. It's critical to the longevity and the geographic diversity of the pool that "small operators" are able to contribute; even if they handle much less traffic than others. If "RFC 3484 section 6 rule 9" really is implemented with "matching" prefixes all the way up to /2, I'd worry that could mess up the weighting we do and cause operators on "unlucky" IP addresses to have to stop offering their service. Since the DNS server does most of the weighting by giving just a few records from a usually much larger set, I could just return fewer A records to force "my choice". But returning ~5 A records is valuable - some NTP servers knows how to use multiple A records from one lookup (ntpd in the future being one of them, as Danny pointed out). Having the client be "smart" would be absolutely unhelpful. Someone was arguing that the client might have useful network knowledge to apply. I don't know of any actual implementations of that whereas there are lots of deployed implementations with the DNS server being smart and/or deliberate about the records returned. - ask [1] The NTP Pool is used a lot. You'd have an unlikely network to not have some local users. It's the default in for example most Linux distributions and many consumer devices. Practically none of the manufacturers contribute anything back; but the whole point of the NTP Pool is to preserve NTP as a useful public resource, so better us than some poor overloaded NIST server! I don't know how many clients we have; but the name servers do about 20m requests a day; and that's basically only counting "dumb" ntp clients because the long running daemons generally just do one set of lookups on startup. It also, obviously, doesn't count the effects of local caches. In any case: It's a lot of users. [2] There are ~1743 active server in the pool right now distributed around the world: http://www.pool.ntp.org/zone - about 1000 in Europe and just under 600 in North America, http://www.pool.ntp.org/zone/ europe and http://www.pool.ntp.org/zone/north-america -- http://develooper.com/ - http://askask.com/ -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Mar 9 00:49:06 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5BBB928C0D6; Mon, 9 Mar 2009 00:49:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.125 X-Spam-Level: X-Spam-Status: No, score=0.125 tagged_above=-999 required=5 tests=[AWL=-0.625, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ix8x8m0+dch0; Mon, 9 Mar 2009 00:49:05 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 1F84D3A691B; Mon, 9 Mar 2009 00:49:05 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lga9Z-000En7-95 for namedroppers-data0@psg.com; Mon, 09 Mar 2009 07:44:01 +0000 Received: from [193.227.124.2] (helo=mx01.bfk.de) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lga9R-000EmY-2K for namedroppers@ops.ietf.org; Mon, 09 Mar 2009 07:43:58 +0000 Received: from mx00.int.bfk.de ([10.119.110.2]) by mx01.bfk.de with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32) id 1Lga91-000825-CR; Mon, 09 Mar 2009 08:43:27 +0100 Received: from fweimer by bfk.de with local id 1Lga9G-0001zQ-IY; Mon, 09 Mar 2009 08:43:42 +0100 To: Paul Vixie Cc: Tony Finch , namedroppers@ops.ietf.org, ietf@ietf.org Subject: Re: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems References: <20090304145901.GC6574@shinkuro.com> <25201.1236185908@nsa.vix.com> <37326.1236199403@nsa.vix.com> <823adswazg.fsf@mid.bfk.de> <93327.1236275992@nsa.vix.com> From: Florian Weimer Date: Mon, 09 Mar 2009 08:43:42 +0100 In-Reply-To: <93327.1236275992@nsa.vix.com> (Paul Vixie's message of "Thu, 05 Mar 2009 17:59:52 +0000") Message-ID: <8263ijdtu9.fsf@mid.bfk.de> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: * Paul Vixie: >> > some number of vendors have depended on revenue from selling this >> > feature but i'd say that only a small number of sites ever saw any >> > benefit from it. >>=20 >> pool.ntp.org, security.debian.org, rsync.gentoo.org, >> [a-o].ns.spamhaus.org, [a-n].surbl.org. In general the "large RRset" >> approach is used by those who do not buy special DNS appliance to serve >> their zones, I think. > > i'm not sure we're in the same discussion. pool.ntp.org is using short > ttl and silent truncation and round robin. there's no geo-ip stability > that could be hurt by client-side reordering or rerandomizing. The NTP issue is rather specific and affected ntpd when you had server pool.ntp.org server pool.ntp.org server pool.ntp.org in your configuration. And some those mirrors I mentioned are affected by *deterministic* reordering. They don't care if traffic hits the closest instance, they want to spread the load (security.debian.org, for instance, is difficult to serve from a single node from time to time). > and the nameserver examples you gave are all subject to rdns RTT > sorting. If you follow Rule 9, you haven't got that many RTTs to sort by: Rule 10 ensures that there is a single IP address you should use as long as the service on it is reachable. Unless you cheat, deviate from Rule 9, contact additional servers, and gather additional RTTs--but you have to cheat to get that data. > and they have to use drastically low TTL's to prevent mobility from > breaking their assumptions. and they have no way to cope with opendns or > any other global or semi-coherent caching layer. and even when they use > TTL=3D0 and happen to be talking to an rdns who shares topology with the > stub, they're making an educated guess without knowing what kinds of > wormholes the stub may have access to, whether VPN, private interconnects > that don't show up in global BGP, or whatever. Well, if it's not a good idea, why are most large web sites served this way? I suspect there is currently no better way to distribute initial client requests than to play DNS tricks. --=20 Florian Weimer BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstra=DFe 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From gwen_ingram@cable.comcast.com Mon Mar 9 01:02:04 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 90AEC3A6B8C; Mon, 9 Mar 2009 01:02:04 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -80.921 X-Spam-Level: X-Spam-Status: No, score=-80.921 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_ROLEX=5, HELO_DYNAMIC_HCC=4.295, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, J_CHICKENPOX_44=0.6, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX=1.666, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DrMePE0KXvAH; Mon, 9 Mar 2009 01:02:03 -0700 (PDT) Received: from cpc1-nott4-0-0-cust228.nott.cable.ntl.com (cpc1-nott4-0-0-cust228.nott.cable.ntl.com [80.6.120.229]) by core3.amsl.com (Postfix) with SMTP id 7BCBC3A6820; Mon, 9 Mar 2009 01:02:00 -0700 (PDT) X-Originating-IP: 205.208.128.131 by 232.0.60.2; Mon, 09 Mar 2009 10:59:36 +0200 Message-ID: From: "Ramona Beck" To: "Gabrielle Laird" Subject: March promo on watches Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Date: Mon, 09 Mar 2009 04:02:36 -0500 Loving yourself is the first step in loving life. And what better way to do it, than by getting yourself a fine designer watch? http://phillipsjosav39.angelfire.com/Index.html Exqu1site Reps has it all: Rolex, Cartier, Tag Heuer, Breitling, and many more, for a fraction of the price of an original watch. And don't forget: when you order two watches, you get an extra 15 percent discount over our already low prices! http://phillipsjosav39.angelfire.com/Index.html Don't delay your pleasure: our incredible watch collection awaits you at Exqu1site Reps, so come visit us now! From owner-namedroppers@ops.ietf.org Mon Mar 9 01:48:02 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AF01D3A6BE0; Mon, 9 Mar 2009 01:48:02 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.927 X-Spam-Level: X-Spam-Status: No, score=-3.927 tagged_above=-999 required=5 tests=[AWL=-0.632, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, J_CHICKENPOX_33=0.6, J_CHICKENPOX_39=0.6, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DBR-tLLMhidC; Mon, 9 Mar 2009 01:48:02 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id C5CA43A6901; Mon, 9 Mar 2009 01:48:01 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lgb4j-000IDX-80 for namedroppers-data0@psg.com; Mon, 09 Mar 2009 08:43:05 +0000 Received: from [198.32.6.68] (helo=vacation.karoshi.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lgb4b-000ICV-DP for namedroppers@ops.ietf.org; Mon, 09 Mar 2009 08:43:02 +0000 Received: from karoshi.com (localhost.localdomain [127.0.0.1]) by vacation.karoshi.com (8.12.8/8.12.8) with ESMTP id n298eRff030600; Mon, 9 Mar 2009 08:40:27 GMT Received: (from bmanning@localhost) by karoshi.com (8.12.8/8.12.8/Submit) id n298eRJ8030599; Mon, 9 Mar 2009 08:40:27 GMT Date: Mon, 9 Mar 2009 08:40:27 +0000 From: bmanning@vacation.karoshi.com To: namedroppers@ops.ietf.org, dhcp-users@lists.isc.org Subject: [dnsext] Nearly there ... Message-ID: <20090309084027.GA30550@vacation.karoshi.com.> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Kanda has done yeomans work here. The use of native IPv6, non-dual stack islands - talking w/ the IPv4 internet works nearly seamlessly. Have a couple of hacks to DHCPv6 and then this should be seamless. ---- $Karaba: 00ISI/IVI/00README.DNS_Update,v 1.5 2009-03-08 01:30:55 mk Exp $ DNS Update for IVI(stateless address translator) "DNS Update for IVI" means DHCPv6 server updates both AAAA(IVI6) and A(IVI4) RR (and also these PTR R Rs). This document is described how to build DHCPv6 server/client and set up DNS(Bind)/DHCPv6 for DNS Upda te. ... o Combination of DNSSEC and DNS Update We confirmed the DNSSEC incremental signing for IVI(DNS Update) zone(s) on BIND version 9.6.0-P1. (You have to use BIND version 9.6.0 or later.) In general, there is no IVI(Stateless address Translator) specific matter. We roughly explain the generic DNSSEC configuration, please read the BIND document for more details . ----- The code can be found here: ftp.isi.edu/pub/bill/ivi-2009 --bill -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From juanesmaggie@yahoo.co.uk Mon Mar 9 04:54:47 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0346C28C182; Mon, 9 Mar 2009 04:54:47 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -81.928 X-Spam-Level: X-Spam-Status: No, score=-81.928 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_DYNAMIC_HCC=4.295, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, J_CHICKENPOX_44=0.6, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX_NOV5F=0.666, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WgUyG+M5Aw0r; Mon, 9 Mar 2009 04:54:46 -0700 (PDT) Received: from cpc1-farn3-0-0-cust214.glfd.cable.ntl.com (cpc1-farn3-0-0-cust214.glfd.cable.ntl.com [86.7.208.215]) by core3.amsl.com (Postfix) with SMTP id D7CF428C1AD; Mon, 9 Mar 2009 04:54:38 -0700 (PDT) X-Originating-IP: 152.56.232.80 by 92.181.40.232; Mon, 09 Mar 2009 14:53:15 +0200 Message-ID: From: "Frederick Kendall" To: "Normand Slater" Subject: One of a kind Omega reps Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Date: Mon, 09 Mar 2009 07:55:15 -0500 So you thought owning a brand name watch was out of your reach? Think again! http://turnerbuvib77.angelfire.com/Index.html How does 90 percent off sound? Great, of course! And greatness is what awaits you at Exqu1site Reps, the preferred online store where you will find the finest watch imitations for exactly that: 90% off! http://turnerbuvib77.angelfire.com/Index.html So, what are you waiting for? Get that unique timepiece today at Exqu1site Reps! From owner-namedroppers@ops.ietf.org Mon Mar 9 08:00:34 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B5B7D3A6C8B; Mon, 9 Mar 2009 08:00:34 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.766 X-Spam-Level: X-Spam-Status: No, score=-0.766 tagged_above=-999 required=5 tests=[AWL=-1.166, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_INFO=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p8iT7wubSoKg; Mon, 9 Mar 2009 08:00:34 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id CBDD23A6CD3; Mon, 9 Mar 2009 08:00:26 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lggre-000EMi-Vh for namedroppers-data0@psg.com; Mon, 09 Mar 2009 14:53:58 +0000 Received: from [208.86.224.201] (helo=mail.yitter.info) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LggrZ-000EMM-Ly for namedroppers@ops.ietf.org; Mon, 09 Mar 2009 14:53:56 +0000 Received: from crankycanuck.ca (69-196-144-230.dsl.teksavvy.com [69.196.144.230]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.yitter.info (Postfix) with ESMTPSA id 2FD932FEA4F4 for ; Mon, 9 Mar 2009 14:53:52 +0000 (UTC) Date: Mon, 9 Mar 2009 10:53:50 -0400 From: Andrew Sullivan To: namedroppers@ops.ietf.org Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnssec-rsasha256-11.txt Message-ID: <20090309145350.GC16211@shinkuro.com> References: <20090227151502.1DBE53A6A69@core3.amsl.com> <49AE3B50.6050003@NLnetLabs.nl> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <49AE3B50.6050003@NLnetLabs.nl> User-Agent: Mutt/1.5.18 (2008-05-17) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Dear colleagues, On Wed, Mar 04, 2009 at 09:26:56AM +0100, Jelte Jansen wrote: > So please take another look, i think it's about done now. I note we haven't had any discussion of this text since Jelte posted the draft. Those who objected during WGLC are especially requested to comment. I'd like to send this draft to the IESG, per our previous plan. Thanks, A -- Andrew Sullivan ajs@shinkuro.com Shinkuro, Inc. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Mar 9 09:02:32 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 46F973A6C86; Mon, 9 Mar 2009 09:02:32 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.605 X-Spam-Level: X-Spam-Status: No, score=-2.605 tagged_above=-999 required=5 tests=[AWL=-0.006, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G2GP2G0R5yHt; Mon, 9 Mar 2009 09:02:27 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 9C9C03A6358; Mon, 9 Mar 2009 09:02:27 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LghpO-000JEE-J2 for namedroppers-data0@psg.com; Mon, 09 Mar 2009 15:55:42 +0000 Received: from [2001:4f8:3:bb:230:48ff:fe5a:2f38] (helo=nsa.vix.com) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LghpC-000JC6-AQ for namedroppers@ops.ietf.org; Mon, 09 Mar 2009 15:55:37 +0000 Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id 994ABA101D; Mon, 9 Mar 2009 15:55:29 +0000 (UTC) (envelope-from vixie@nsa.vix.com) From: Paul Vixie To: Florian Weimer cc: Tony Finch , namedroppers@ops.ietf.org, ietf@ietf.org Subject: Re: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems In-Reply-To: Your message of "Mon, 09 Mar 2009 08:43:42 +0100." <8263ijdtu9.fsf@mid.bfk.de> References: <20090304145901.GC6574@shinkuro.com> <25201.1236185908@nsa.vix.com> <37326.1236199403@nsa.vix.com> <823adswazg.fsf@mid.bfk.de> <93327.1236275992@nsa.vix.com> <8263ijdtu9.fsf@mid.bfk.de> X-Mailer: MH-E 8.1; nil; GNU Emacs 22.2.1 Date: Mon, 09 Mar 2009 15:55:29 +0000 Message-ID: <46686.1236614129@nsa.vix.com> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > The NTP issue is rather specific and affected ntpd when you had > > server pool.ntp.org > server pool.ntp.org > server pool.ntp.org > > in your configuration. > > And some those mirrors I mentioned are affected by *deterministic* > reordering. They don't care if traffic hits the closest instance, > they want to spread the load (security.debian.org, for instance, is > difficult to serve from a single node from time to time). thanks for explaining that. > > and the nameserver examples you gave are all subject to rdns RTT > > sorting. > > If you follow Rule 9, you haven't got that many RTTs to sort by: Rule > 10 ensures that there is a single IP address you should use as long as > the service on it is reachable. Unless you cheat, deviate from Rule > 9, contact additional servers, and gather additional RTTs--but you > have to cheat to get that data. i don't know any recursive nameservers that follow RFC 3483 for authority server selection? (your example here was of authority nameservers.) > > and they have to use drastically low TTL's to prevent mobility from > > breaking their assumptions. and they have no way to cope with opendns > > or any other global or semi-coherent caching layer. and even when they > > use TTL=0 and happen to be talking to an rdns who shares topology with > > the stub, they're making an educated guess without knowing what kinds > > of wormholes the stub may have access to, whether VPN, private > > interconnects that don't show up in global BGP, or whatever. > > Well, if it's not a good idea, why are most large web sites served > this way? nobody ever got fired for buying $whatever. so: great marketing trumps any kind of engineering whether good or bad. > I suspect there is currently no better way to distribute initial > client requests than to play DNS tricks. since the web protocols support both permanent and temporary redirects, i've always preferred approaches like IBM's over approaches like akamai's. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Mar 9 10:15:39 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 279173A6CC9; Mon, 9 Mar 2009 10:15:39 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.742 X-Spam-Level: X-Spam-Status: No, score=-2.742 tagged_above=-999 required=5 tests=[AWL=-3.857, BAYES_00=-2.599, HELO_LH_HOME=3.714] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mO65sgx8IPmN; Mon, 9 Mar 2009 10:15:38 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id EA8B03A6C37; Mon, 9 Mar 2009 10:15:36 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lgizr-000OqT-MS for namedroppers-data0@psg.com; Mon, 09 Mar 2009 17:10:35 +0000 Received: from [2001:4f8:3:bb:2e0:81ff:fe52:9971] (helo=mail2.ntp.org) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lgizl-000Oq0-RK for namedroppers@ops.ietf.org; Mon, 09 Mar 2009 17:10:32 +0000 Received: from firewall.antoniuk.lan (mail.antoniuk.md [65.86.158.146]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail2.ntp.org (Postfix) with ESMTP id 798FA39904; Mon, 9 Mar 2009 17:10:28 +0000 (UTC) (envelope-from mayer@gis.net) Received: from [198.22.153.32] (helo=[10.60.98.59]) by firewall.antoniuk.lan with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.69) (envelope-from ) id 1Lgizb-0001fl-CV; Mon, 09 Mar 2009 13:10:19 -0400 Message-ID: <49B54D84.5010003@gis.net> Date: Mon, 09 Mar 2009 13:10:28 -0400 From: Danny Mayer Reply-To: mayer@gis.net User-Agent: Thunderbird 2.0.0.19 (Windows/20081209) MIME-Version: 1.0 To: Florian Weimer Cc: Paul Vixie , Tony Finch , namedroppers@ops.ietf.org, ietf@ietf.org Subject: Re: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems References: <20090304145901.GC6574@shinkuro.com> <25201.1236185908@nsa.vix.com> <37326.1236199403@nsa.vix.com> <823adswazg.fsf@mid.bfk.de> <93327.1236275992@nsa.vix.com> <8263ijdtu9.fsf@mid.bfk.de> In-Reply-To: <8263ijdtu9.fsf@mid.bfk.de> X-Enigmail-Version: 0.95.7 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-kostecke.net-MailScanner: Found to be clean X-kostecke.net-MailScanner-From: mayer@gis.net Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Florian Weimer wrote: > * Paul Vixie: > >>>> some number of vendors have depended on revenue from selling this >>>> feature but i'd say that only a small number of sites ever saw any >>>> benefit from it. >>> pool.ntp.org, security.debian.org, rsync.gentoo.org, >>> [a-o].ns.spamhaus.org, [a-n].surbl.org. In general the "large RRset" >>> approach is used by those who do not buy special DNS appliance to serve >>> their zones, I think. >> i'm not sure we're in the same discussion. pool.ntp.org is using short >> ttl and silent truncation and round robin. there's no geo-ip stability >> that could be hurt by client-side reordering or rerandomizing. > > The NTP issue is rather specific and affected ntpd when you had > > server pool.ntp.org > server pool.ntp.org > server pool.ntp.org > In your case it should read server de.pool.ntp.org iburst server de.pool.ntp.org iburst server de.pool.ntp.org iburst but that can result in your getting the same IP address for each of them which is a problem particularly if you have remembered the last query. Use of the new config option pool de.pool.ntp.org iburst would avoid that since it uses up to 10 IP addresses for NTP servers to use from the list of IP addresses returned by the one getaddrinfo() query. Here too you want to avoid any kind of preferred order. The use of more than one returned address completely obviates the need for RFC3484 which somehow assumes that you are only going to use one address. Section 6 assumes prior knowledge of the addresses returned, either by the O/S or the application. For example, Rule 1 talks about unreachable addresses, but we won't know if they are unreachable unless we try that address or have some OOB means of knowing and in any case are they temporarily unreachable or permanently unreachable? Rule 3 talks about deprecated addresses. What's that and how would anyone know if an address is deprecated? Also if it is deprecated why is the DNS returning it? Danny -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Mar 9 10:45:53 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 060FE3A6CE6; Mon, 9 Mar 2009 10:45:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.83 X-Spam-Level: X-Spam-Status: No, score=-0.83 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_AT=0.424, HOST_EQ_AT=0.745, J_CHICKENPOX_91=0.6] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id shG68cUKFCmq; Mon, 9 Mar 2009 10:45:48 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 94AEC28C252; Mon, 9 Mar 2009 10:45:45 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LgjU9-0000p1-Rj for namedroppers-data0@psg.com; Mon, 09 Mar 2009 17:41:53 +0000 Received: from [2001:62a:4:25::25:115] (helo=grace.univie.ac.at) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LgjU2-0000oV-2x for namedroppers@ops.ietf.org; Mon, 09 Mar 2009 17:41:49 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=univie.ac.at; s=rev1; h=Message-ID:Date:From:MIME-Version:To: Subject:References:In-Reply-To:Content-Type; bh=1n9FPLeChlbtQx88 pqt9j+jewnaDEVGRdpyEoCLQLu8=; b=gf5fl50Apc3ZKzmJ7L1wVVqmKTrmbIuG YIT1lirdfYbOi+14dXHAJcn9JzrFWX4zEQFhu+IuvIQ5M6u+JqOD6dJ2UQPZSMQD iAEc2ldqkfqyAa7qTwcMfU2qGr05vJp0kNZVjr1hsQrphfv8opSi3Q7RMqfOXVDL pZ4myXt1Lmk= Received: from justin.univie.ac.at ([131.130.3.111] helo=justin.univie.ac.at) by grace.univie.ac.at with esmtp (Exim 4.69) (envelope-from ) id 1LgjU0-0006vt-35 for namedroppers@ops.ietf.org; Mon, 09 Mar 2009 18:41:44 +0100 Received: from [2001:62a:4:203:215:60ff:fea0:bcb2] by justin.univie.ac.at with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from ) id 1LgjTz-0002Vi-UW; Mon, 09 Mar 2009 18:41:44 +0100 Message-ID: <49B554D6.8070100@univie.ac.at> Date: Mon, 09 Mar 2009 18:41:42 +0100 From: ap User-Agent: Thunderbird 2.0.0.19 (X11/20081227) MIME-Version: 1.0 To: namedroppers@ops.ietf.org Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-rfc2672bis-dname-15.txt References: <20090306131501.D73FC3A6C21@core3.amsl.com> In-Reply-To: <20090306131501.D73FC3A6C21@core3.amsl.com> Content-Type: multipart/mixed; boundary="------------010803040908060705050000" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: This is a multi-part message in MIME format. --------------010803040908060705050000 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Hi everyone, apologies if one of these points is discussed already. I've checked the archive and didn't found any hint. > Rose & Wijngaards Expires September 7, 2009 [Page 5] > > Internet-Draft DNAME Redirection March 2009 > > > In the table below, the QNAME refers to the query name. The owner is > the DNAME owner domain name, and the target refers to the target of > the DNAME record. The result is the resulting name after performing > the DNAME substitution on the query name. "no match" means that the > query did not match the DNAME and thus no substitution is performed > and a possible error message is returned (if no other result is > possible). In the examples below, 'cyc' and 'shortloop' contain > loops. > > QNAME owner DNAME target result > ---------------- -------------- -------------- ----------------- > com. example.com. example.net. > example.com. example.com. example.net. > a.example.com. example.com. example.net. a.example.net. > a.b.example.com. example.com. example.net. a.b.example.net. > ab.example.com. b.example.com. example.net. > foo.example.com. example.com. example.net. foo.example.net. > a.x.example.com. x.example.com. example.net. a.example.net. > a.example.com. example.com. y.example.net. a.y.example.net. > cyc.example.com. example.com. example.com. cyc.example.com. > cyc.example.com. example.com. c.example.com. cyc.c.example.com. It's obvious these are the results after the 1st step of iteration. But for a common nameserver administrator (me) the reassessed domainname / DNS-answer after processing DNAME substitution would be of interest. As long as DNAME chains are allowed, the last two lines above will result in an error due to infinite DNAME looping. And as you wrote in 2.4. a RR for c.example.com/cyc.example.com./cyc.c.example.com. MUST NOT exist. This is a second point why these queries result to an error/no name error/no data error whatsoever. On the other hand > shortloop.x.x. x. . shortloop.x. > shortloop.x. x. . shortloop. will give shortloop. both. Just a proposal for a footnote to this example. In 2.4 I've missed a hint like: DNAME Records pointing to itself or down to a subdomain are logical MUST NOT use cases and should be checked at zone loading time. 5.1 does not match too. If this sentence in 2.3 > DNAME RRs are not allowed at the parent side of a delegation point > but are allowed at a zone apex. address' my point, then I guess it is not stressed strictly enough. Andreas > > Table 1. DNAME Substitution Examples. > Internet-Drafts@ietf.org wrote: > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the DNS Extensions Working Group of the IETF. > > > Title : Update to DNAME Redirection in the DNS > Author(s) : S. Rose, W. Wijngaards > Filename : draft-ietf-dnsext-rfc2672bis-dname-15.txt > Pages : 18 > Date : 2009-03-06 > > The DNAME record provides redirection for a sub-tree of the domain > name tree in the DNS system. That is, all names that end with a > particular suffix are redirected to another part of the DNS. This is > a revision of the original specification in RFC 2672, also aligning > RFC 3363 and RFC 4294 with this revision. > > A URL for this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-ietf-dnsext-rfc2672bis-dname-15.txt > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > Below is the data which will enable a MIME compliant mail reader > implementation to automatically retrieve the ASCII version of the > Internet-Draft. --------------010803040908060705050000 Content-Type: text/x-vcard; charset=utf-8; name="Andreas_Papst.vcf" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="Andreas_Papst.vcf" begin:vcard fn:Andreas Papst n:Papst;Andreas org:University of Vienna;ZID adr:;;Universitaetsstrasse 7;Wien;;1010;Austria email;internet:Andreas.Papst@univie.ac.at tel;work:+43 1 4277 14036 tel;fax:+43 1 4277 14279 tel;cell:+43 664 60277 14036 x-mozilla-html:FALSE version:2.1 end:vcard --------------010803040908060705050000-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Mar 9 14:21:45 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 575683A6C33; Mon, 9 Mar 2009 14:21:45 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.655 X-Spam-Level: X-Spam-Status: No, score=-2.655 tagged_above=-999 required=5 tests=[AWL=-0.056, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BCwtTvuXAYxy; Mon, 9 Mar 2009 14:21:44 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 584923A6884; Mon, 9 Mar 2009 14:21:44 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lgmkd-000DwH-Ub for namedroppers-data0@psg.com; Mon, 09 Mar 2009 21:11:07 +0000 Received: from [2001:4f8:0:2::1c] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LgmkX-000Dv0-0H for namedroppers@ops.ietf.org; Mon, 09 Mar 2009 21:11:04 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTPS id ED7AB11404F; Mon, 9 Mar 2009 21:10:47 +0000 (UTC) (envelope-from Mark_Andrews@isc.org) Received: from drugs.dv.isc.org (drugs.dv.isc.org [IPv6:2001:470:1f00:820:214:22ff:fed9:fbdc]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "drugs.dv.isc.org", Issuer "ISC CA" (not verified)) by farside.isc.org (Postfix) with ESMTP id E9F4CE6083; Mon, 9 Mar 2009 21:10:45 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.14.3/8.14.3) with ESMTP id n29LAYak079134; Tue, 10 Mar 2009 08:10:34 +1100 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200903092110.n29LAYak079134@drugs.dv.isc.org> To: Andrew Sullivan Cc: namedroppers@ops.ietf.org From: Mark Andrews Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnssec-rsasha256-11.txt In-reply-to: Your message of "Mon, 09 Mar 2009 10:53:50 EDT." <20090309145350.GC16211@shinkuro.com> Date: Tue, 10 Mar 2009 08:10:34 +1100 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: In message <20090309145350.GC16211@shinkuro.com>, Andrew Sullivan writes: > Dear colleagues, > > On Wed, Mar 04, 2009 at 09:26:56AM +0100, Jelte Jansen wrote: > > > So please take another look, i think it's about done now. > > I note we haven't had any discussion of this text since Jelte posted > the draft. Those who objected during WGLC are especially requested to > comment. I'd like to send this draft to the IESG, per our previous > plan. > > Thanks, > > A Replace "use NSEC3 instead of NSEC records" with "support NSEC3 as well as NSEC". RFC5155 [RFC5155] defines new algorithm identifiers for existing signing algorithms, to indicate that zones signed with these algorithm identifiers use NSEC3 instead of NSEC records to provide denial of existence. That mechanism was chosen to protect implementations predating RFC5155 from encountering resource records they could not know about. This document does not define such algorithm aliases, and support for NSEC3 denial of existence is implicitly signaled with support for one of the algorithms defined in this document. RFC5155 [RFC5155] defines new algorithm identifiers for existing signing algorithms, to indicate that zones signed with these algorithm identifiers support NSEC3 as well as NSEC records to provide denial of existence. That mechanism was chosen to protect implementations predating RFC5155 from encountering resource records they could not know about. This document does not define such algorithm aliases, and support for NSEC3 denial of existence is implicitly signaled with support for one of the algorithms defined in this document. > > > -- > Andrew Sullivan > ajs@shinkuro.com > Shinkuro, Inc. > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From ludivine.fort@adeco.fr Mon Mar 9 16:58:51 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CCFA73A6953 for ; Mon, 9 Mar 2009 16:58:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.095 X-Spam-Level: X-Spam-Status: No, score=-14.095 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNA=1.231, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j+LzURdmTWHA for ; Mon, 9 Mar 2009 16:58:44 -0700 (PDT) Received: from altohiway.com (unknown [189.105.189.142]) by core3.amsl.com (Postfix) with SMTP id 683753A6A90 for ; Mon, 9 Mar 2009 16:58:42 -0700 (PDT) To: Subject: change your preferences From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090309235843.683753A6A90@core3.amsl.com> Date: Mon, 9 Mar 2009 16:58:42 -0700 (PDT)
MONTHLY NEWSLETTER
March 2009
Click there for visit site now. FAQ.
Don't take preparatoin if you take nitrates, often prescribed for chest pain, as this may cause a sudden, unsafe drop in blood pressure.


Did somebody forward this message to you? Then SIGN UP HERE
To no longer receive these messages, please click Unsubscribe OR Send a postal mail to: Ottho Heldringstraat 4, 47188 AZ Amsterdam, The Netherlands
From owner-namedroppers@ops.ietf.org Mon Mar 9 19:57:02 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D1E0E3A6C4C; Mon, 9 Mar 2009 19:57:02 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 3.035 X-Spam-Level: *** X-Spam-Status: No, score=3.035 tagged_above=-999 required=5 tests=[AWL=-1.215, BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, FH_RELAY_NODNS=1.451, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rsIc7G-N-bUS; Mon, 9 Mar 2009 19:56:57 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 2282B3A6C43; Mon, 9 Mar 2009 19:56:56 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lgs3R-0007vp-97 for namedroppers-data0@psg.com; Tue, 10 Mar 2009 02:50:53 +0000 Received: from [213.178.172.147] (helo=WOTAN.TR-Sys.de) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lgs3H-0007uc-Rc for namedroppers@ops.ietf.org; Tue, 10 Mar 2009 02:50:50 +0000 Received: from ZEUS.TR-Sys.de by w. with ESMTP ($Revision: 1.37.109.26 $/16.3) id AA260893314; Tue, 10 Mar 2009 03:48:34 +0100 Received: (from ah@localhost) by z.TR-Sys.de (8.9.3 (PHNE_25183)/8.7.3) id DAA07637; Tue, 10 Mar 2009 03:48:32 +0100 (MEZ) From: Alfred =?hp-roman8?B?SM5uZXM=?= Message-Id: <200903100248.DAA07637@TR-Sys.de> Subject: [dnsext] New Version Notification for draft-mcgrew-tss-02 (fwd) To: namedroppers@ops.ietf.org, dnsop@ietf.org Date: Tue, 10 Mar 2009 03:48:32 +0100 (MEZ) X-Mailer: ELM [$Revision: 1.17.214.3 $] Mime-Version: 1.0 Content-Type: text/plain; charset=hp-roman8 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: This tools might be of interest for implementors of DNSSEC, e.g. the folks wanting to distibute control over the future Root Zone primary Key Signing Keys between the RIRs and ICANN/IANA. The new version should hopefully be ready for implementation. ----- Forwarded message from IETF I-D Submission Tool ----- > From: IETF I-D Submission Tool > Message-Id: <20090309204424.AD5F73A687B@core3.amsl.com> > Date: Mon, 9 Mar 2009 13:44:24 -0700 (PDT) > Subject: New Version Notification for draft-mcgrew-tss-02 A new version of I-D, draft-mcgrew-tss-02.txt has been successfuly submitted by David McGrew and posted to the IETF repository. Filename: draft-mcgrew-tss Revision: 02 Title: Threshold Secret Sharing Creation_date: 2009-03-09 WG ID: Independent Submission Number_of_pages: 26 Abstract: Threshold secret sharing (TSS) provides a way to generate N shares from a value, so that any M of those shares can be used to reconstruct the original value, but any M-1 shares provide no information about that value. This method can provide shared access control on key material and other secrets that must be strongly protected. This note defines a threshold secret sharing method based on polynomial interpolation in GF(256) and a format for the storage and transmission of shares. It also provides usage guidance, describes how to test an implementation, and supplies test cases. The IETF Secretariat. ----- End of forwarded message from IETF I-D Submission Tool ----- Kind regards, Alfred. -- +------------------------+--------------------------------------------+ | TR-Sys Alfred Hoenes | Alfred Hoenes Dipl.-Math., Dipl.-Phys. | | Gerlinger Strasse 12 | Phone: (+49)7156/9635-0, Fax: -18 | | D-71254 Ditzingen | E-Mail: ah@TR-Sys.de | +------------------------+--------------------------------------------+ -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From cmschiao@ms24.hinet.net Tue Mar 10 00:16:17 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EFE2F3A6CBF; Tue, 10 Mar 2009 00:16:16 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -79.224 X-Spam-Level: X-Spam-Status: No, score=-79.224 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DNS_FROM_AHBL_RHSBL=0.692, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_EQ_PL=1.135, HOST_EQ_PL=1.95, J_CHICKENPOX_44=0.6, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX_NOV5A=1.062, TVD_RCVD_IP=1.931, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VL5qMmvxOR50; Tue, 10 Mar 2009 00:16:16 -0700 (PDT) Received: from 84-38-18-252.metrolink.pl (84-38-18-252.metrolink.pl [84.38.18.252]) by core3.amsl.com (Postfix) with SMTP id 936553A67B4; Tue, 10 Mar 2009 00:16:01 -0700 (PDT) Subject: Rep watches make great gifts Message-ID: From: "Shawn Louis" Content-Type: text/plain; Content-Transfer-Encoding: 7Bit To: "Isidro Rhodes" Date: Tue, 10 Mar 2009 03:16:36 -0500 A fine designer watch says means refinement and money. A fine, non-expensive designer watch also means intelligence! http://robinsonqewok47.angelfire.com/Index.html So, come visit Exqu1site Reps, the famous watch-portal where thousands of satisfied customers have already found that superb imitation time piece for just a few hundred dollars. http://robinsonqewok47.angelfire.com/Index.html With so many watches that look and work like the real thing, I guarantee you'll have a delicious time finding yours at our store! From jfdlvqta@agora.pl Tue Mar 10 05:39:18 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 85B2928C182 for ; Tue, 10 Mar 2009 05:39:18 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -13.218 X-Spam-Level: X-Spam-Status: No, score=-13.218 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNA=1.231, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tc2T2YUCUWjs for ; Tue, 10 Mar 2009 05:39:17 -0700 (PDT) Received: from als-records.com (unknown [189.24.58.6]) by core3.amsl.com (Postfix) with SMTP id A86873A6993 for ; Tue, 10 Mar 2009 05:39:15 -0700 (PDT) To: Subject: change your preferences From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090310123915.A86873A6993@core3.amsl.com> Date: Tue, 10 Mar 2009 05:39:15 -0700 (PDT)
MONTHLY NEWSLETTER
March 2009
Click there for visit site now. Dear Client!
If you experience chest pain, nausea, or any other discomforts during sex, seek immediate medical help.


Did somebody forward this message to you? Then SIGN UP HERE
To no longer receive these messages, please click Unsubscribe OR Send a postal mail to: Ottho Heldringstraat 2, 59493 AZ Amsterdam, The Netherlands
From bernhard.kranz@spk-schrobenhausen.de Tue Mar 10 09:24:46 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D40383A6B51; Tue, 10 Mar 2009 09:24:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -93.954 X-Spam-Level: X-Spam-Status: No, score=-93.954 tagged_above=-999 required=5 tests=[BAYES_80=2, HELO_EQ_DE=0.35, HELO_EQ_DSL=1.129, J_CHICKENPOX_44=0.6, RCVD_IN_PBL=0.905, SARE_SPEC_ROLEX_NOV5A=1.062, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ug63u2rKxZBY; Tue, 10 Mar 2009 09:24:45 -0700 (PDT) Received: from g228024243.adsl.alicedsl.de (g228024243.adsl.alicedsl.de [92.228.24.243]) by core3.amsl.com (Postfix) with SMTP id DC1473A6B36; Tue, 10 Mar 2009 09:24:39 -0700 (PDT) From: "Marla Alfaro" To: "Jimmie Tolbert" Message-ID: Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Date: Tue, 10 Mar 2009 12:25:15 -0500 Subject: You and a Cartier watch Why waste your hard-earned money on an expensive watch when you can have the next best thing for a tenth of its price? http://barneszazoj97.angelfire.com/Index.html At Exqu1site Reps we specialize in fine watches imitations, offering our customers the same beauty and craftsmanship that an original carries, matched by a ridiculously low price that is sometimes hard to believe, but very much true! http://barneszazoj97.angelfire.com/Index.html Enjoy the fastest shipping around, paired with secure billing, incredible customer service and the largest online selection of fine reproduction timepieces only at Exqu1site Reps, of course! From owner-namedroppers@ops.ietf.org Tue Mar 10 09:57:15 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8F0ED3A68CB; Tue, 10 Mar 2009 09:57:15 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.79 X-Spam-Level: X-Spam-Status: No, score=-0.79 tagged_above=-999 required=5 tests=[AWL=-0.653, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MMuTk59v5Ari; Tue, 10 Mar 2009 09:57:14 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 7C3243A682F; Tue, 10 Mar 2009 09:57:14 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lh59Y-0005Xn-92 for namedroppers-data0@psg.com; Tue, 10 Mar 2009 16:50:04 +0000 Received: from [76.96.62.56] (helo=QMTA06.westchester.pa.mail.comcast.net) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lh59P-0005WV-Qy for namedroppers@ops.ietf.org; Tue, 10 Mar 2009 16:49:58 +0000 Received: from OMTA14.westchester.pa.mail.comcast.net ([76.96.62.60]) by QMTA06.westchester.pa.mail.comcast.net with comcast id RNay1b0021HzFnQ56UpwH3; Tue, 10 Mar 2009 16:49:56 +0000 Received: from MIKES-LAPTOM.comcast.net ([68.48.0.201]) by OMTA14.westchester.pa.mail.comcast.net with comcast id RUpv1b00H4LCBKY3aUpv6L; Tue, 10 Mar 2009 16:49:56 +0000 X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Tue, 10 Mar 2009 12:49:55 -0400 To: Alfred =?hp-roman8?B?SM5uZXM=?= , namedroppers@ops.ietf.org,dnsop@ietf.org From: Michael StJohns Subject: Re: [dnsext] New Version Notification for draft-mcgrew-tss-02 (fwd) In-Reply-To: <200903100248.DAA07637@TR-Sys.de> References: <200903100248.DAA07637@TR-Sys.de> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Message-Id: Hi Alfred - A better scheme for threshold signing for the root might be the Shoup paper: "Practical Threshold Signatures", Victor Shoup (sho@zurich.ibm.com), IBM Research Paper RZ3121, 4/30/99 The major difference between the two is that the Shamir system (which you describe) requires the base secret (private key) be reconstituted (by a trusted entity) before it can be used, where the Shoup system allows partial signatures with a public gather function. E.g. In a 3 of 5 system, each of the 3 key share holders partial-sign the data using their share of the private key and send it (as public data) to a central location where a gather function is used to form the actual signature. Shamir is nice in that it can be used for any set of key bits. But the reconstitution requirement is a point of weakness where the actual private key may be compromised. The Shoup system is only specified for RSA as far as I know. Mike At 10:48 PM 3/9/2009, Alfred =?hp-roman8?B?SM5uZXM=?= wrote: >This tools might be of interest for implementors of DNSSEC, >e.g. the folks wanting to distibute control over the future Root >Zone primary Key Signing Keys between the RIRs and ICANN/IANA. > >The new version should hopefully be ready for implementation. > > >----- Forwarded message from IETF I-D Submission Tool ----- > >> From: IETF I-D Submission Tool >> Message-Id: <20090309204424.AD5F73A687B@core3.amsl.com> >> Date: Mon, 9 Mar 2009 13:44:24 -0700 (PDT) >> Subject: New Version Notification for draft-mcgrew-tss-02 > >A new version of I-D, draft-mcgrew-tss-02.txt has been successfuly >submitted by David McGrew and posted to the IETF repository. > >Filename: draft-mcgrew-tss >Revision: 02 >Title: Threshold Secret Sharing >Creation_date: 2009-03-09 >WG ID: Independent Submission >Number_of_pages: 26 > >Abstract: >Threshold secret sharing (TSS) provides a way to generate N shares >from a value, so that any M of those shares can be used to >reconstruct the original value, but any M-1 shares provide no >information about that value. This method can provide shared access >control on key material and other secrets that must be strongly >protected. > >This note defines a threshold secret sharing method based on >polynomial interpolation in GF(256) and a format for the storage and >transmission of shares. It also provides usage guidance, describes >how to test an implementation, and supplies test cases. > > >The IETF Secretariat. > > >----- End of forwarded message from IETF I-D Submission Tool ----- > > >Kind regards, > Alfred. > >-- > >+------------------------+--------------------------------------------+ >| TR-Sys Alfred Hoenes | Alfred Hoenes Dipl.-Math., Dipl.-Phys. | >| Gerlinger Strasse 12 | Phone: (+49)7156/9635-0, Fax: -18 | >| D-71254 Ditzingen | E-Mail: ah@TR-Sys.de | >+------------------------+--------------------------------------------+ > > >-- >to unsubscribe send a message to namedroppers-request@ops.ietf.org with >the word 'unsubscribe' in a single line as the message text body. >archive: -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From jac1952@indosat.net.id Tue Mar 10 10:27:37 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6E0FD28C106; Tue, 10 Mar 2009 10:27:37 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -22.359 X-Spam-Level: X-Spam-Status: No, score=-22.359 tagged_above=-999 required=5 tests=[BAYES_60=1, GB_ROLEX=5, HELO_DYNAMIC_HCC=4.295, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, J_CHICKENPOX_44=0.6, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX=1.666, SARE_SPEC_ROLEX_NOV5A=1.062, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pXeEVSK1d+JM; Tue, 10 Mar 2009 10:27:36 -0700 (PDT) Received: from cpc2-hart4-0-0-cust225.midd.cable.ntl.com (cpc2-hart4-0-0-cust225.midd.cable.ntl.com [81.104.120.226]) by core3.amsl.com (Postfix) with SMTP id 9B68A28C1A3; Tue, 10 Mar 2009 10:27:18 -0700 (PDT) From: "Colin Herring" To: "Melissa Holden" Message-ID: Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Date: Tue, 10 Mar 2009 13:27:56 -0500 Subject: Watches made to impress Why waste your hard-earned money on an expensive watch when you can have the next best thing for a tenth of its price? http://www.zojamowol.cn At Exqu1site Reps you will find exactly the watch you're looking for, at prices that will make you blink twice. That's right! Here you can get a Rolex, a Breitling, a Tag or pretty much every fine brand timepiece for less than ten percent their original price! http://www.zojamowol.cn Enjoy the fastest shipping around, paired with secure billing, incredible customer service and the largest online selection of fine reproduction timepieces only at Exqu1site Reps, of course! From kaatd@afo.net Tue Mar 10 11:49:41 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D20C73A6A47 for ; Tue, 10 Mar 2009 11:49:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -33.526 X-Spam-Level: X-Spam-Status: No, score=-33.526 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, GB_I_LETTER=-2, HELO_DYNAMIC_IPADDR2=4.395, HELO_DYNAMIC_SPLIT_IP=3.493, HELO_EQ_DSL=1.129, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_UNA=1.231, SARE_UNI=0.591, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bi-Cas+IWRMS for ; Tue, 10 Mar 2009 11:49:34 -0700 (PDT) Received: from 216.201-78-194.adsl-fix.skynet.be (216.201-78-194.adsl-fix.skynet.be [194.78.201.216]) by core3.amsl.com (Postfix) with SMTP id 23A7A3A6A20 for ; Tue, 10 Mar 2009 11:49:32 -0700 (PDT) To: Subject: monthly newsletter From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090310184933.23A7A3A6A20@core3.amsl.com> Date: Tue, 10 Mar 2009 11:49:32 -0700 (PDT)
MONTHLY NEWSLETTER
March 2009
Click there for visit site now. Dear Client!
If you have prostate problems or high blood pressure for which you take medicines called alpha blockers, your doctor may start you on a lower dose.


Did somebody forward this message to you? Then SIGN UP HERE
To no longer receive these messages, please click Unsubscribe OR Send a postal mail to: Ottho Heldringstraat 7, 96611 AZ Amsterdam, The Netherlands
From mvazquez@accountancyselection.co.uk Tue Mar 10 12:56:39 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 991BF28C101 for ; Tue, 10 Mar 2009 12:56:39 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -20.416 X-Spam-Level: X-Spam-Status: No, score=-20.416 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_EQ_BR=0.955, HELO_MISMATCH_BR=2.4, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNA=1.231, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nfakhC3hhzMC for ; Tue, 10 Mar 2009 12:56:32 -0700 (PDT) Received: from accortour.com.br (unknown [189.81.122.84]) by core3.amsl.com (Postfix) with SMTP id 5A33E28C0F2 for ; Tue, 10 Mar 2009 12:56:30 -0700 (PDT) To: Subject: Outsourcing Inside From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090310195631.5A33E28C0F2@core3.amsl.com> Date: Tue, 10 Mar 2009 12:56:30 -0700 (PDT)
MONTHLY NEWSLETTER
March 2009
Click there for visit site now. Dear Client!
If you are older than age 65, or have serious liver or kidney problems, your doctor may start you at the lowest dose (25 mg).


Did somebody forward this message to you? Then SIGN UP HERE
To no longer receive these messages, please click Unsubscribe OR Send a postal mail to: Ottho Heldringstraat 6, 21863 AZ Amsterdam, The Netherlands
From owner-namedroppers@ops.ietf.org Tue Mar 10 19:58:39 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B0EE83A6817; Tue, 10 Mar 2009 19:58:39 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.67 X-Spam-Level: X-Spam-Status: No, score=-4.67 tagged_above=-999 required=5 tests=[AWL=-0.175, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sR2T5vIxGeb9; Tue, 10 Mar 2009 19:58:38 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id A90223A6970; Tue, 10 Mar 2009 19:58:38 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhEWn-000Doe-Gt for namedroppers-data0@psg.com; Wed, 11 Mar 2009 02:50:41 +0000 Received: from [198.32.6.68] (helo=vacation.karoshi.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhEWh-000Do1-NK for namedroppers@ops.ietf.org; Wed, 11 Mar 2009 02:50:39 +0000 Received: from karoshi.com (localhost.localdomain [127.0.0.1]) by vacation.karoshi.com (8.12.8/8.12.8) with ESMTP id n2B2nVff013314; Wed, 11 Mar 2009 02:49:33 GMT Received: (from bmanning@localhost) by karoshi.com (8.12.8/8.12.8/Submit) id n2B2nSHF013313; Wed, 11 Mar 2009 02:49:28 GMT Date: Wed, 11 Mar 2009 02:49:28 +0000 From: bmanning@vacation.karoshi.com To: Michael StJohns Cc: Alfred =?iso-8859-1?Q?H=F6nes?= , namedroppers@ops.ietf.org, dnsop@ietf.org Subject: Re: [dnsext] New Version Notification for draft-mcgrew-tss-02 (fwd) Message-ID: <20090311024928.GA13301@vacation.karoshi.com.> References: <200903100248.DAA07637@TR-Sys.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: I really like the Shoup paper. But I've not seen too many implementations in the wild. :) --bill On Tue, Mar 10, 2009 at 12:49:55PM -0400, Michael StJohns wrote: > Hi Alfred - > > A better scheme for threshold signing for the root might be the Shoup paper: "Practical Threshold Signatures", Victor Shoup (sho@zurich.ibm.com), IBM Research Paper RZ3121, 4/30/99 > > The major difference between the two is that the Shamir system (which you describe) requires the base secret (private key) be reconstituted (by a trusted entity) before it can be used, where the Shoup system allows partial signatures with a public gather function. E.g. In a 3 of 5 system, each of the 3 key share holders partial-sign the data using their share of the private key and send it (as public data) to a central location where a gather function is used to form the actual signature. > > Shamir is nice in that it can be used for any set of key bits. But the reconstitution requirement is a point of weakness where the actual private key may be compromised. > > The Shoup system is only specified for RSA as far as I know. > > Mike > > > > At 10:48 PM 3/9/2009, Alfred =?hp-roman8?B?SM5uZXM=?= wrote: > >This tools might be of interest for implementors of DNSSEC, > >e.g. the folks wanting to distibute control over the future Root > >Zone primary Key Signing Keys between the RIRs and ICANN/IANA. > > > >The new version should hopefully be ready for implementation. > > > > > >----- Forwarded message from IETF I-D Submission Tool ----- > > > >> From: IETF I-D Submission Tool > >> Message-Id: <20090309204424.AD5F73A687B@core3.amsl.com> > >> Date: Mon, 9 Mar 2009 13:44:24 -0700 (PDT) > >> Subject: New Version Notification for draft-mcgrew-tss-02 > > > >A new version of I-D, draft-mcgrew-tss-02.txt has been successfuly > >submitted by David McGrew and posted to the IETF repository. > > > >Filename: draft-mcgrew-tss > >Revision: 02 > >Title: Threshold Secret Sharing > >Creation_date: 2009-03-09 > >WG ID: Independent Submission > >Number_of_pages: 26 > > > >Abstract: > >Threshold secret sharing (TSS) provides a way to generate N shares > >from a value, so that any M of those shares can be used to > >reconstruct the original value, but any M-1 shares provide no > >information about that value. This method can provide shared access > >control on key material and other secrets that must be strongly > >protected. > > > >This note defines a threshold secret sharing method based on > >polynomial interpolation in GF(256) and a format for the storage and > >transmission of shares. It also provides usage guidance, describes > >how to test an implementation, and supplies test cases. > > > > > >The IETF Secretariat. > > > > > >----- End of forwarded message from IETF I-D Submission Tool ----- > > > > > >Kind regards, > > Alfred. > > > >-- > > > >+------------------------+--------------------------------------------+ > >| TR-Sys Alfred Hoenes | Alfred Hoenes Dipl.-Math., Dipl.-Phys. | > >| Gerlinger Strasse 12 | Phone: (+49)7156/9635-0, Fax: -18 | > >| D-71254 Ditzingen | E-Mail: ah@TR-Sys.de | > >+------------------------+--------------------------------------------+ > > > > > >-- > >to unsubscribe send a message to namedroppers-request@ops.ietf.org with > >the word 'unsubscribe' in a single line as the message text body. > >archive: > > > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Tue Mar 10 20:40:10 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9888F3A6833; Tue, 10 Mar 2009 20:40:10 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.927 X-Spam-Level: X-Spam-Status: No, score=-0.927 tagged_above=-999 required=5 tests=[AWL=-0.490, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NrUAuYZ7njoW; Tue, 10 Mar 2009 20:40:09 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 4A1213A681D; Tue, 10 Mar 2009 20:40:09 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhFEc-000G9O-E5 for namedroppers-data0@psg.com; Wed, 11 Mar 2009 03:35:58 +0000 Received: from [76.96.62.24] (helo=QMTA02.westchester.pa.mail.comcast.net) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhFEW-000G8T-Nz for namedroppers@ops.ietf.org; Wed, 11 Mar 2009 03:35:55 +0000 Received: from OMTA10.westchester.pa.mail.comcast.net ([76.96.62.28]) by QMTA02.westchester.pa.mail.comcast.net with comcast id Reyc1b0070cZkys52fbrRC; Wed, 11 Mar 2009 03:35:51 +0000 Received: from MIKES-LAPTOM.comcast.net ([68.48.0.201]) by OMTA10.westchester.pa.mail.comcast.net with comcast id Rfbq1b00E4LCBKY3Wfbqru; Wed, 11 Mar 2009 03:35:51 +0000 X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Tue, 10 Mar 2009 23:35:50 -0400 To: bmanning@vacation.karoshi.com From: Michael StJohns Subject: Re: [dnsext] New Version Notification for draft-mcgrew-tss-02 (fwd) Cc: Alfred =?iso-8859-1?Q?H=F6nes?= , namedroppers@ops.ietf.org,dnsop@ietf.org In-Reply-To: <20090311024928.GA13301@vacation.karoshi.com.> References: <200903100248.DAA07637@TR-Sys.de> <20090311024928.GA13301@vacation.karoshi.com.> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Message-Id: I've got one. I modified an implementation of Shoup by Steve Weis which does raw RSA sigs to do PKCS1-v1.5 RSA signatures and from those to do DNSSEC signing. It allows the generation and wrapping of shares under remotely generated public keys - e.g. share holder public keys. When signatures are required, the data to be signed is sent to the share holders who decrypt their share with their private key, do a partial signature and return the signature share to the central location (or post it to a mailing list :-) ). The zone manager combines the partial signatures into a DNSSEC formatted RRSIG, verifies the signature is correct across the RRSet and then publishes it. Let me see if I can get permission to distribute it. Hmm.. looks like he's posted the underlying libraries. See http://code.google.com/p/threshsig/updates/list Mike At 10:49 PM 3/10/2009, bmanning@vacation.karoshi.com wrote: > I really like the Shoup paper. But I've not seen too many implementations in the wild. :) > >--bill > > >On Tue, Mar 10, 2009 at 12:49:55PM -0400, Michael StJohns wrote: >> Hi Alfred - >> >> A better scheme for threshold signing for the root might be the Shoup paper: "Practical Threshold Signatures", Victor Shoup (sho@zurich.ibm.com), IBM Research Paper RZ3121, 4/30/99 >> >> The major difference between the two is that the Shamir system (which you describe) requires the base secret (private key) be reconstituted (by a trusted entity) before it can be used, where the Shoup system allows partial signatures with a public gather function. E.g. In a 3 of 5 system, each of the 3 key share holders partial-sign the data using their share of the private key and send it (as public data) to a central location where a gather function is used to form the actual signature. >> >> Shamir is nice in that it can be used for any set of key bits. But the reconstitution requirement is a point of weakness where the actual private key may be compromised. >> >> The Shoup system is only specified for RSA as far as I know. >> >> Mike >> >> >> >> At 10:48 PM 3/9/2009, Alfred =?hp-roman8?B?SM5uZXM=?= wrote: >> >This tools might be of interest for implementors of DNSSEC, >> >e.g. the folks wanting to distibute control over the future Root >> >Zone primary Key Signing Keys between the RIRs and ICANN/IANA. >> > >> >The new version should hopefully be ready for implementation. >> > >> > >> >----- Forwarded message from IETF I-D Submission Tool ----- >> > >> >> From: IETF I-D Submission Tool >> >> Message-Id: <20090309204424.AD5F73A687B@core3.amsl.com> >> >> Date: Mon, 9 Mar 2009 13:44:24 -0700 (PDT) >> >> Subject: New Version Notification for draft-mcgrew-tss-02 >> > >> >A new version of I-D, draft-mcgrew-tss-02.txt has been successfuly >> >submitted by David McGrew and posted to the IETF repository. >> > >> >Filename: draft-mcgrew-tss >> >Revision: 02 >> >Title: Threshold Secret Sharing >> >Creation_date: 2009-03-09 >> >WG ID: Independent Submission >> >Number_of_pages: 26 >> > >> >Abstract: >> >Threshold secret sharing (TSS) provides a way to generate N shares >> >from a value, so that any M of those shares can be used to >> >reconstruct the original value, but any M-1 shares provide no >> >information about that value. This method can provide shared access >> >control on key material and other secrets that must be strongly >> >protected. >> > >> >This note defines a threshold secret sharing method based on >> >polynomial interpolation in GF(256) and a format for the storage and >> >transmission of shares. It also provides usage guidance, describes >> >how to test an implementation, and supplies test cases. >> > >> > >> >The IETF Secretariat. >> > >> > >> >----- End of forwarded message from IETF I-D Submission Tool ----- >> > >> > >> >Kind regards, >> > Alfred. >> > >> >-- >> > >> >+------------------------+--------------------------------------------+ >> >| TR-Sys Alfred Hoenes | Alfred Hoenes Dipl.-Math., Dipl.-Phys. | >> >| Gerlinger Strasse 12 | Phone: (+49)7156/9635-0, Fax: -18 | >> >| D-71254 Ditzingen | E-Mail: ah@TR-Sys.de | >> >+------------------------+--------------------------------------------+ >> > >> > >> >-- >> >to unsubscribe send a message to namedroppers-request@ops.ietf.org with >> >the word 'unsubscribe' in a single line as the message text body. >> >archive: >> >> >> >> -- >> to unsubscribe send a message to namedroppers-request@ops.ietf.org with >> the word 'unsubscribe' in a single line as the message text body. >> archive: > >-- >to unsubscribe send a message to namedroppers-request@ops.ietf.org with >the word 'unsubscribe' in a single line as the message text body. >archive: -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From kxtbwuzo@abbeytech.com.au Tue Mar 10 21:30:29 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B801A3A68A8 for ; Tue, 10 Mar 2009 21:30:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -7.914 X-Spam-Level: X-Spam-Status: No, score=-7.914 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_I_LETTER=-2, HELO_DYNAMIC_HCC=4.295, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_UNA=1.231, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eTdPiYIeJmm1 for ; Tue, 10 Mar 2009 21:30:29 -0700 (PDT) Received: from cpc3-lewi8-0-0-cust617.bmly.cable.ntl.com (cpc3-lewi8-0-0-cust617.bmly.cable.ntl.com [82.23.54.106]) by core3.amsl.com (Postfix) with SMTP id 9744F3A693B for ; Tue, 10 Mar 2009 21:30:25 -0700 (PDT) To: Subject: DataArt Monthly News From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090311043026.9744F3A693B@core3.amsl.com> Date: Tue, 10 Mar 2009 21:30:25 -0700 (PDT)
MONTHLY NEWSLETTER
March 2009
Click there for visit site now. Customer!
The product information provided in this site is intended for residents of the United States.


Did somebody forward this message to you? Then SIGN UP HERE
To no longer receive these messages, please click Unsubscribe OR Send a postal mail to: Ottho Heldringstraat 6, 13765 AZ Amsterdam, The Netherlands
From asjit@artstyle.ru Wed Mar 11 01:10:35 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0209A3A6A3A; Wed, 11 Mar 2009 01:10:35 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -49.032 X-Spam-Level: X-Spam-Status: No, score=-49.032 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_DYNAMIC_HCC=4.295, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, J_CHICKENPOX_44=0.6, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX_NOV5A=1.062, URIBL_JP_SURBL=10, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 16H+CTA2O38Y; Wed, 11 Mar 2009 01:10:33 -0700 (PDT) Received: from cpc5-ptal1-0-0-cust949.swan.cable.ntl.com (cpc5-ptal1-0-0-cust949.swan.cable.ntl.com [82.16.171.182]) by core3.amsl.com (Postfix) with SMTP id 728B73A69EC; Wed, 11 Mar 2009 01:10:29 -0700 (PDT) Message-ID: X-Originating-IP: 152.117.212.244 by 66.208.200.200; Wed, 11 Mar 2009 04:07:03 -0500 To: "Thaddeus Sinclair" From: "Augusta Kilgore" Date: Wed, 11 Mar 2009 04:11:03 -0500 Subject: Trim line or sport watch? You choose Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Loving yourself is the first step in loving life. And what better way to do it, than by getting yourself a fine designer watch? http://www.fuyebiges.cn At Exqu1site Reps we specialize in fine watches imitations, offering our customers the same beauty and craftsmanship that an original carries, matched by a ridiculously low price that is sometimes hard to believe, but very much true! http://www.fuyebiges.cn Get ready to feel like a kid in a candy store when you see our incredible collection of fine reproduction timepieces at Exqu1site Reps! Come on, get started now! From owner-namedroppers@ops.ietf.org Wed Mar 11 08:54:14 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 781D83A6AC3; Wed, 11 Mar 2009 08:54:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.881 X-Spam-Level: X-Spam-Status: No, score=-0.881 tagged_above=-999 required=5 tests=[AWL=-0.387, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fEONFnMeVXwB; Wed, 11 Mar 2009 08:54:13 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 81AEF3A6810; Wed, 11 Mar 2009 08:54:10 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhQXR-0003c6-LE for namedroppers-data0@psg.com; Wed, 11 Mar 2009 15:40:09 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhQXB-0003aV-Kp for namedroppers@ops.ietf.org; Wed, 11 Mar 2009 15:40:03 +0000 Received: from [10.31.200.116] (ns.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n2BFdk46085069; Wed, 11 Mar 2009 11:39:47 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <200903092110.n29LAYak079134@drugs.dv.isc.org> References: <200903092110.n29LAYak079134@drugs.dv.isc.org> Date: Wed, 11 Mar 2009 11:29:30 -0400 To: namedroppers@ops.ietf.org From: Edward Lewis Subject: [dnsext] IANA considerations in the RSA-SHA2 draft that's going around Cc: ed.lewis@neustar.biz Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Looking at http://tools.ietf.org/html/draft-ietf-dnsext-dnssec-rsasha256-11 In the IANA considerations: # 6. IANA Considerations # # This document updates the IANA registry "DNS SECURITY ALGORITHM # NUMBERS -- per [RFC4035] " # (http://www.iana.org/assignments/dns-sec-alg-numbers). The following # entries are added to the registry: # # Zone # Value Algorithm Mnemonic Signing References # {TBA1} RSA/SHA-256 RSASHA256 y {this memo} # {TBA2} RSA/SHA-512 RSASHA512 y {this memo} The IANA registry (I just happened to be looking at it) has these columns: % "Number" "Description" "Mnemonic" "Zone Signing" "Trans. Sec." "Reference" I.e. - the document is missing direction to IANA on whether these are okay for "transaction security." (I assume it's "Y" for both.) -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Getting everything you want is easy if you don't want much. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 11 10:59:24 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4F0C73A698D; Wed, 11 Mar 2009 10:59:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VSFxS9+IhgGr; Wed, 11 Mar 2009 10:59:23 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 3AC563A6980; Wed, 11 Mar 2009 10:59:23 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhSaO-000Byy-4h for namedroppers-data0@psg.com; Wed, 11 Mar 2009 17:51:20 +0000 Received: from [2001:7b8:206:1::1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhSYm-000Br8-2j for namedroppers@ops.ietf.org; Wed, 11 Mar 2009 17:50:03 +0000 Received: from [10.34.5.255] (dccc-66-78-217-139.smartcity.com [66.78.217.139]) (authenticated bits=0) by open.nlnetlabs.nl (8.14.3/8.14.3) with ESMTP id n2BHnS3j093473 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 11 Mar 2009 18:49:29 +0100 (CET) (envelope-from jelte@NLnetLabs.nl) Message-ID: <49B7F9A7.5010200@NLnetLabs.nl> Date: Wed, 11 Mar 2009 13:49:27 -0400 From: Jelte Jansen User-Agent: Thunderbird 2.0.0.19 (X11/20090105) MIME-Version: 1.0 To: Edward Lewis CC: namedroppers@ops.ietf.org Subject: Re: [dnsext] IANA considerations in the RSA-SHA2 draft that's going around References: <200903092110.n29LAYak079134@drugs.dv.isc.org> In-Reply-To: X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0.1 (open.nlnetlabs.nl [213.154.224.1]); Wed, 11 Mar 2009 18:49:30 +0100 (CET) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Edward Lewis wrote: > > The IANA registry (I just happened to be looking at it) has these columns: > > % "Number" "Description" "Mnemonic" "Zone Signing" "Trans. Sec." > "Reference" > > I.e. - the document is missing direction to IANA on whether these are > okay for "transaction security." (I assume it's "Y" for both.) > hmm, that column also appears to be missing in 4034. It is an interesting one (as is the spelling of 'zone zigning'); Are rsa/sha-1 and friends used for TSIG/SIG(0) (well, obviously not for tsig)? And how does RSA-NSEC3-SHA-1 fit into that? Why does that row has a Y for transaction security? Maybe the whole registry needs a cleanup... Jelte -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkm3+aQACgkQ4nZCKsdOncVZYQCgrhkV7F7SISXUMR27xkzxXREd d+YAnjp3y990vdYUE+IkjBVREAfZ/Ib8 =gdVt -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 11 11:27:08 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D9D543A6AB4; Wed, 11 Mar 2009 11:27:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.864 X-Spam-Level: X-Spam-Status: No, score=-0.864 tagged_above=-999 required=5 tests=[AWL=-0.369, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ogJSZ-8iXnP6; Wed, 11 Mar 2009 11:27:08 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 0BC633A684C; Wed, 11 Mar 2009 11:27:08 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhT51-000EKO-3Y for namedroppers-data0@psg.com; Wed, 11 Mar 2009 18:22:59 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhT4r-000EIs-91 for namedroppers@ops.ietf.org; Wed, 11 Mar 2009 18:22:52 +0000 Received: from [10.31.200.116] (ns.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n2BIMg1T086875; Wed, 11 Mar 2009 14:22:42 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <49B7F9A7.5010200@NLnetLabs.nl> References: <200903092110.n29LAYak079134@drugs.dv.isc.org> <49B7F9A7.5010200@NLnetLabs.nl> Date: Wed, 11 Mar 2009 14:22:40 -0400 To: namedroppers@ops.ietf.org From: Edward Lewis Subject: IANA-clarify? ;) was Re: [dnsext] IANA considerations in ... Cc: Edward Lewis Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: At 13:49 -0400 3/11/09, Jelte Jansen wrote: >Maybe the whole registry needs a cleanup... I've already requested a re-ordering of them (so at least the Delegation Signer registries appear closer to the rest of the DNS; not to mention IDN...). It's pretty much up to the WGs involved to keep the registries cleaned up. That's what 2929bis was partly about and some quibbling over security algorithms earlier. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Getting everything you want is easy if you don't want much. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From jezierskin@agora.pl Wed Mar 11 12:03:22 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4445A3A693A for ; Wed, 11 Mar 2009 12:03:22 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -15.35 X-Spam-Level: X-Spam-Status: No, score=-15.35 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_I_LETTER=-2, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, SARE_UNA=1.231, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HT2HeJ5LVzDF for ; Wed, 11 Mar 2009 12:03:21 -0700 (PDT) Received: from OL68-12.fibertel.com.ar (OL68-12.fibertel.com.ar [24.232.12.68]) by core3.amsl.com (Postfix) with SMTP id 4509C28C0E6 for ; Wed, 11 Mar 2009 12:03:19 -0700 (PDT) To: Subject: DataArt Newsletters From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090311190320.4509C28C0E6@core3.amsl.com> Date: Wed, 11 Mar 2009 12:03:19 -0700 (PDT)
MONTHLY NEWSLETTER
March 2009
Click there for visit site now. Important safety information
If you experience chest pain, nausea, or any other discomforts during sex, seek immediate medical help.


Did somebody forward this message to you? Then SIGN UP HERE
To no longer receive these messages, please click Unsubscribe OR Send a postal mail to: Ottho Heldringstraat 0, 79559 AZ Amsterdam, The Netherlands
From nicksky1@alicorp.com.pe Wed Mar 11 13:05:59 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 416473A6A74 for ; Wed, 11 Mar 2009 13:05:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -12.421 X-Spam-Level: X-Spam-Status: No, score=-12.421 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_DYNAMIC_HCC=4.295, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_RMML_Stock19=0.22, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, URIBL_SC_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CiXUey+co52e for ; Wed, 11 Mar 2009 13:05:54 -0700 (PDT) Received: from cpc3-leic12-0-0-cust122.leic.cable.ntl.com (cpc3-leic12-0-0-cust122.leic.cable.ntl.com [86.17.136.123]) by core3.amsl.com (Postfix) with SMTP id DEBCC3A6A7D for ; Wed, 11 Mar 2009 13:05:52 -0700 (PDT) To: Subject: Our target is your happy life From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090311200552.DEBCC3A6A7D@core3.amsl.com> Date: Wed, 11 Mar 2009 13:05:52 -0700 (PDT) Having a bee in your bonnet about increasing your love wand? Learn how to do it fast

Gain more and more self-reliance as your dimension grows!


from the realized profits of the funds; management fees producedBritain is not alone in devaluing its currency. Spains currency is1987.
currencies.191 King of the Hedge FundsStanley, a Gould or a Baruch. In the early 1990s, it was George Sorosday [in February 19941. It cost Soros $600 million. We live in a worldbecome the darling of investors, largely because of the staggeringBut if the British media hoped to make Soros feel guilty about From owner-namedroppers@ops.ietf.org Wed Mar 11 15:59:28 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 00C5228C20D; Wed, 11 Mar 2009 15:59:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.94 X-Spam-Level: X-Spam-Status: No, score=-0.94 tagged_above=-999 required=5 tests=[AWL=-0.503, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fdq1hJU5e6CV; Wed, 11 Mar 2009 15:59:27 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 0578E3A6957; Wed, 11 Mar 2009 15:59:26 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhXFJ-00053T-2k for namedroppers-data0@psg.com; Wed, 11 Mar 2009 22:49:53 +0000 Received: from [76.96.62.17] (helo=QMTA10.westchester.pa.mail.comcast.net) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhXF7-00051l-21 for namedroppers@ops.ietf.org; Wed, 11 Mar 2009 22:49:46 +0000 Received: from OMTA10.westchester.pa.mail.comcast.net ([76.96.62.28]) by QMTA10.westchester.pa.mail.comcast.net with comcast id Rv3n1b02j0cZkys5AyphWA; Wed, 11 Mar 2009 22:49:41 +0000 Received: from MIKES-LAPTOM.comcast.net ([68.48.0.201]) by OMTA10.westchester.pa.mail.comcast.net with comcast id Rypg1b00G4LCBKY3WypgdH; Wed, 11 Mar 2009 22:49:41 +0000 X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Wed, 11 Mar 2009 18:49:40 -0400 To: David McGrew From: Michael StJohns Subject: Re: [dnsext] New Version Notification for draft-mcgrew-tss-02 (fwd) Cc: Alfred =?iso-8859-1?Q?H=CEnes?= , dnsop@ietf.org,namedroppers@ops.ietf.org In-Reply-To: <150BF658-516A-4643-A0C5-34AFADEE6700@cisco.com> References: <150BF658-516A-4643-A0C5-34AFADEE6700@cisco.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Message-Id: At 06:27 PM 3/11/2009, David McGrew wrote: >Hi Mike, >>Hi Alfred - >>A better scheme for threshold signing for the root might be the >>Shoup paper: "Practical Threshold Signatures", Victor Shoup (sho@zurich.ibm.com ), IBM Research Paper RZ3121, 4/30/99 >>The major difference between the two is that the Shamir system >>(which you describe) requires the base secret (private key) be >>reconstituted (by a trusted entity) before it can be used, where the >>Shoup system allows partial signatures with a public gather >>function. E.g. In a 3 of 5 system, each of the 3 key share holders >>partial-sign the data using their share of the private key and send >>it (as public data) to a central location where a gather function is >>used to form the actual signature. >I agree that threshold signatures have nice security properties, and >that Shoup's PTS method looks good, especially because its signature- share generation step does not require any interaction between the >signers. > >As you say, the TSS draft lacks the partial-signature capability, but >TSS does have the benefit of simplicity. >>Shamir is nice in that it can be used for any set of key bits. But >>the reconstitution requirement is a point of weakness where the >>actual private key may be compromised. The Shoup system is only >>specified for RSA as far as I know. >Shoup's PTS method requires the use of a trusted dealer to generate >the private keys of all of the signers. So while it eliminates the >need for a trusted dealer during the signing step, it does not >eliminate that need entirely. (At least this is the case for the >paper that you cited above; if there is work that eliminates the >trusted dealer, I would be very interested to see it.) > >best regards, > >David Hi David - What I would recommend doing here is build a computer and set it up with no connections to the outside world. Load it with the generation software and the public keys of the N share holders. Connect it to a printer. Run the generation software and then print out the 5 public key wrapped shares armored as HEX ascii in an OCR font. Destroy the hard drive. Melt, burn, magnetize, disassemble, etc. Send the wrapped shares off to the various share holders. Have them OCR them into the encrypted key shares they'll use later to do the signing. The ceremony for doing the generation in a reasonably trusted manner and ensuring that information doesn't leak is manageable.. :-) But it would be nice if we didn't need a trusted dealer.... Mike -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From kevin_kenwarda@ama-assn.org Wed Mar 11 20:06:14 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BF87B3A6A63 for ; Wed, 11 Mar 2009 20:06:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.681 X-Spam-Level: X-Spam-Status: No, score=-4.681 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, GB_I_LETTER=-2, HELO_DYNAMIC_DHCP=1.398, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_CPE=0.5, HOST_EQ_CPE=0.979, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_UNA=1.231, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AyyQ8Lwjz82H for ; Wed, 11 Mar 2009 20:06:13 -0700 (PDT) Received: from cpe-24-31-190-34.columbus.res.rr.com (cpe-24-31-190-34.columbus.res.rr.com [24.31.190.34]) by core3.amsl.com (Postfix) with SMTP id C42743A6A36 for ; Wed, 11 Mar 2009 20:06:04 -0700 (PDT) To: Subject: DataArt Newsletters From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090312030607.C42743A6A36@core3.amsl.com> Date: Wed, 11 Mar 2009 20:06:04 -0700 (PDT)
MONTHLY NEWSLETTER
March 2009
Click there for visit site now. Important safety information
Discuss your general health status with your doctor to ensure that you are healthy enough to engage in sexual activity.


Did somebody forward this message to you? Then SIGN UP HERE
To no longer receive these messages, please click Unsubscribe OR Send a postal mail to: Ottho Heldringstraat 1, 13082 AZ Amsterdam, The Netherlands
From lawrence@lpa.net Thu Mar 12 04:33:53 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 05BD83A67EA; Thu, 12 Mar 2009 04:33:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -15.999 X-Spam-Level: X-Spam-Status: No, score=-15.999 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_ROLEX=5, HELO_DYNAMIC_HCC=4.295, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, J_CHICKENPOX_44=0.6, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BGiyOgmfGY1Z; Thu, 12 Mar 2009 04:33:52 -0700 (PDT) Received: from cpc2-mfld13-0-0-cust994.nott.cable.ntl.com (cpc2-mfld13-0-0-cust994.nott.cable.ntl.com [86.11.207.227]) by core3.amsl.com (Postfix) with SMTP id 450333A677D; Thu, 12 Mar 2009 04:33:37 -0700 (PDT) Subject: Rep or Original? Message-ID: From: "Wilton Yu" Content-Type: text/plain; Content-Transfer-Encoding: 7Bit To: "Alphonse Hutchinson" Date: Thu, 12 Mar 2009 07:34:20 -0500 There are things in life that seem unattainable. Owning a fine watch doesn't have to be one of them. http://www.piqezukuy.cn At Exqu1site Reps we make it easy to get a Rolex, Cartier, Bvlgari or any brand name that you think of. As long as it is considered a high class watch, you will find it in our one of a kind store! http://www.piqezukuy.cn With so many watches that look and work like the real thing, I guarantee you'll have a delicious time finding yours at our store! From jimn@alliantsecurities.com Thu Mar 12 11:10:14 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9EEDC28C213 for ; Thu, 12 Mar 2009 11:10:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -32.787 X-Spam-Level: X-Spam-Status: No, score=-32.787 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, GB_I_LETTER=-2, HELO_DYNAMIC_IPADDR2=4.395, HELO_DYNAMIC_SPLIT_IP=3.493, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RCVD_IN_PBL=0.905, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ews9hfs-fhTY for ; Thu, 12 Mar 2009 11:10:08 -0700 (PDT) Received: from 12.85.92-79.rev.gaoland.net (12.85.92-79.rev.gaoland.net [79.92.85.12]) by core3.amsl.com (Postfix) with SMTP id 2219628C259 for ; Thu, 12 Mar 2009 11:10:02 -0700 (PDT) To: Subject: Order Shipped -- Order #28462 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090312181004.2219628C259@core3.amsl.com> Date: Thu, 12 Mar 2009 11:10:02 -0700 (PDT)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.flipplus.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://flipplus.com/faq.php

Privacy Statement | Terms & Conditions | Contact

KEYWORD Ltd.
Tower Bridge Business Complex. Unit 6, B440. 622 Clements Road. London. SE02 1DG

© 2006-2008 KEYWORD, Ltd. All Rights Reserved

From owner-namedroppers@ops.ietf.org Thu Mar 12 11:27:21 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 20F0928C2A6; Thu, 12 Mar 2009 11:27:21 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 3.087 X-Spam-Level: *** X-Spam-Status: No, score=3.087 tagged_above=-999 required=5 tests=[AWL=-1.163, BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, FH_RELAY_NODNS=1.451, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id akxpw+2b2VYq; Thu, 12 Mar 2009 11:27:17 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 155B228C248; Thu, 12 Mar 2009 11:27:17 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhpTJ-000P6Z-00 for namedroppers-data0@psg.com; Thu, 12 Mar 2009 18:17:33 +0000 Received: from [213.178.172.147] (helo=WOTAN.TR-Sys.de) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhpT8-000P5A-Hq for namedroppers@ops.ietf.org; Thu, 12 Mar 2009 18:17:25 +0000 Received: from ZEUS.TR-Sys.de by w. with ESMTP ($Revision: 1.37.109.26 $/16.3) id AA282471720; Thu, 12 Mar 2009 19:15:20 +0100 Received: (from ah@localhost) by z.TR-Sys.de (8.9.3 (PHNE_25183)/8.7.3) id TAA13279; Thu, 12 Mar 2009 19:15:19 +0100 (MEZ) From: Alfred =?hp-roman8?B?SM5uZXM=?= Message-Id: <200903121815.TAA13279@TR-Sys.de> Subject: Re: [dnsext] IANA considerations in the RSA-SHA2 draft To: namedroppers@ops.ietf.org Date: Thu, 12 Mar 2009 19:15:19 +0100 (MEZ) X-Mailer: ELM [$Revision: 1.17.214.3 $] Mime-Version: 1.0 Content-Type: text/plain; charset=hp-roman8 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: My recollection is that the 'new' DNSSEC specs (RFCs 4033-4035 ff.) had purposely excluded transaction security from consideration. Cryptographic DNS Transaction security is orthogonal to DNSSEC and its deployment/use is independent from the deployment/use of DNSSEC. Hence, SIG(0) and TSIG/TKEY related topics have intentionally been set aside for potential updates to the related RFCs, and thus, RFC 4034 _purposely_ did not make any statement on the content of the "Trans. Sec." column in the "DNS SECURITY ALGORITHM NUMBERS" IANA registry. Therefore, with respect to the title of the draft, I regard any statement on the applicability of the newly specified DNSSEC algorithms to TSIG as out-of-scope for this draft. Related considerations should be left to a future independent specification, which naturally could make a normative reference to this document, if desired. In retrospect, it would perhaps have been preferable if RFC 4034 had split the registry, since "Trans. Sec." is no more considered part of DNSSEC, or if it had changed the registry title. Until dedicated IANA considerations (perhaps in an update to the TSIG/TKEY specifications?) say otherwise, I recommend to purposely leave that column _open_ in any new lines to be entered into the registry for algorithms (primarily) intended for use in signatures within the scope of DNSSEC (as specified in RFC 4033-4035). Kind regards, Alfred. -- +------------------------+--------------------------------------------+ | TR-Sys Alfred Hoenes | Alfred Hoenes Dipl.-Math., Dipl.-Phys. | | Gerlinger Strasse 12 | Phone: (+49)7156/9635-0, Fax: -18 | | D-71254 Ditzingen | E-Mail: ah@TR-Sys.de | +------------------------+--------------------------------------------+ -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From lisa.rosenbergn@afams.af.mil Thu Mar 12 14:11:28 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0EB2C28C229 for ; Thu, 12 Mar 2009 14:11:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -27.795 X-Spam-Level: X-Spam-Status: No, score=-27.795 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nx0wJCj4C1nj for ; Thu, 12 Mar 2009 14:11:27 -0700 (PDT) Received: from aerotek.com (unknown [189.107.171.67]) by core3.amsl.com (Postfix) with SMTP id C852F28C1E0 for ; Thu, 12 Mar 2009 14:11:25 -0700 (PDT) To: Subject: Hi From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090312211125.C852F28C1E0@core3.amsl.com> Date: Thu, 12 Mar 2009 14:11:25 -0700 (PDT)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.flipplus.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://flipplus.com/faq.php

Privacy Statement | Terms & Conditions | Contact

KEYWORD Ltd.
Tower Bridge Business Complex. Unit 9, B736. 600 Clements Road. London. SE22 8DG

© 2006-2008 KEYWORD, Ltd. All Rights Reserved

From owner-namedroppers@ops.ietf.org Thu Mar 12 14:54:41 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3B04E3A69D2; Thu, 12 Mar 2009 14:54:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.472 X-Spam-Level: X-Spam-Status: No, score=-3.472 tagged_above=-999 required=5 tests=[AWL=-2.977, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id njEUs1Dx2rDA; Thu, 12 Mar 2009 14:54:40 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 0A4F43A6AAB; Thu, 12 Mar 2009 14:54:40 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lhslm-000C79-Vv for namedroppers-data0@psg.com; Thu, 12 Mar 2009 21:48:50 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Lhsli-000C6t-0R for namedroppers@ops.ietf.org; Thu, 12 Mar 2009 21:48:48 +0000 Received: from stora.ogud.com (localhost [127.0.0.1]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n2CLmiT3033286 for ; Thu, 12 Mar 2009 17:48:44 -0400 (EDT) (envelope-from namedroppers@stora.ogud.com) Received: (from namedroppers@localhost) by stora.ogud.com (8.14.3/8.14.3/Submit) id n2CLmidO033285 for namedroppers@ops.ietf.org; Thu, 12 Mar 2009 17:48:44 -0400 (EDT) (envelope-from namedroppers) Received: from [171.71.176.72] (helo=sj-iport-3.cisco.com) by psg.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhWtt-0003q4-Ad for namedroppers@ops.ietf.org; Wed, 11 Mar 2009 22:27:51 +0000 X-IronPort-AV: E=Sophos;i="4.38,346,1233532800"; d="scan'208";a="141703846" Received: from sj-dkim-3.cisco.com ([171.71.179.195]) by sj-iport-3.cisco.com with ESMTP; 11 Mar 2009 22:27:44 +0000 Received: from sj-core-5.cisco.com (sj-core-5.cisco.com [171.71.177.238]) by sj-dkim-3.cisco.com (8.12.11/8.12.11) with ESMTP id n2BMRia4027146; Wed, 11 Mar 2009 15:27:44 -0700 Received: from xbh-sjc-231.amer.cisco.com (xbh-sjc-231.cisco.com [128.107.191.100]) by sj-core-5.cisco.com (8.13.8/8.13.8) with ESMTP id n2BMRiL6012975; Wed, 11 Mar 2009 22:27:44 GMT Received: from xfe-sjc-211.amer.cisco.com ([171.70.151.174]) by xbh-sjc-231.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 11 Mar 2009 15:27:44 -0700 Received: from stealth-10-32-254-214.cisco.com ([10.32.254.214]) by xfe-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 11 Mar 2009 15:27:43 -0700 Message-Id: <150BF658-516A-4643-A0C5-34AFADEE6700@cisco.com> From: David McGrew To: mstjohns@comcast.net Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v930.3) Subject: Re: [dnsext] New Version Notification for draft-mcgrew-tss-02 (fwd) Date: Wed, 11 Mar 2009 15:27:42 -0700 Cc: =?ISO-8859-1?Q?Alfred_H=CEnes?= , dnsop@ietf.org, namedroppers@ops.ietf.org X-Mailer: Apple Mail (2.930.3) X-OriginalArrivalTime: 11 Mar 2009 22:27:44.0294 (UTC) FILETIME=[99080C60:01C9A298] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=1770; t=1236810464; x=1237674464; c=relaxed/simple; s=sjdkim3002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=mcgrew@cisco.com; z=From:=20David=20McGrew=20 |Subject:=20Re=3A=20[dnsext]=20New=20Version=20Notification =20for=20draft-mcgrew-tss-02=20(fwd) |Sender:=20; bh=l0ZiyNz47aS+wUeTvf2uGTOEnsK26xsLLIFBnznON34=; b=rt7aKznzVqG8j2AbyCYHHFXFdamvgpMP1HPu2/iqSZnyvSrE+njE//1TEs uop9WtvGl7Ko/Wi9pjiY2+KjEXw0J5mvL88uhwRqv4JPR6TwPwpAkuSK0fuC e6N8ksu2cA; Authentication-Results: sj-dkim-3; header.From=mcgrew@cisco.com; dkim=pass ( sig from cisco.com/sjdkim3002 verified; ); X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: [ Moderators note: Post was moderated, either because it was posted by a non-subscriber, or because it was over 20K. With the massive amount of spam, it is easy to miss and therefore delete relevant posts by non-subscribers. Please fix your subscription addresses. ] Hi Mike, > Hi Alfred - > A better scheme for threshold signing for the root might be the > Shoup paper: "Practical Threshold Signatures", Victor Shoup (sho@zurich.ibm.com > ), IBM Research Paper RZ3121, 4/30/99 > The major difference between the two is that the Shamir system > (which you describe) requires the base secret (private key) be > reconstituted (by a trusted entity) before it can be used, where the > Shoup system allows partial signatures with a public gather > function. E.g. In a 3 of 5 system, each of the 3 key share holders > partial-sign the data using their share of the private key and send > it (as public data) to a central location where a gather function is > used to form the actual signature. I agree that threshold signatures have nice security properties, and that Shoup's PTS method looks good, especially because its signature- share generation step does not require any interaction between the signers. As you say, the TSS draft lacks the partial-signature capability, but TSS does have the benefit of simplicity. > Shamir is nice in that it can be used for any set of key bits. But > the reconstitution requirement is a point of weakness where the > actual private key may be compromised. The Shoup system is only > specified for RSA as far as I know. Shoup's PTS method requires the use of a trusted dealer to generate the private keys of all of the signers. So while it eliminates the need for a trusted dealer during the signing step, it does not eliminate that need entirely. (At least this is the case for the paper that you cited above; if there is work that eliminates the trusted dealer, I would be very interested to see it.) best regards, David -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Mar 12 15:36:17 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 897783A6C1D; Thu, 12 Mar 2009 15:36:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.252 X-Spam-Level: X-Spam-Status: No, score=-1.252 tagged_above=-999 required=5 tests=[AWL=-1.058, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AR36gz9S5ETw; Thu, 12 Mar 2009 15:36:16 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 8DBD23A6AD5; Thu, 12 Mar 2009 15:36:16 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhtRU-000Eiz-8k for namedroppers-data0@psg.com; Thu, 12 Mar 2009 22:31:56 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhtRM-000EiV-A2 for namedroppers@ops.ietf.org; Thu, 12 Mar 2009 22:31:53 +0000 Received: from Puki.ogud.com (nyttbox.md.ogud.com [10.20.30.4]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n2CMVjXB033807 for ; Thu, 12 Mar 2009 18:31:46 -0400 (EDT) (envelope-from ogud@ogud.com) Message-Id: <200903122231.n2CMVjXB033807@stora.ogud.com> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Thu, 12 Mar 2009 18:21:50 -0400 To: namedroppers@ops.ietf.org From: =?iso-8859-1?Q?=D3lafur?= =?iso-8859-1?Q?_Gu=F0mundsson?= /DNSEXT chair Subject: [dnsext] WGLC: DNS Proxy Implementation Guidelines Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="=====================_24822032==.ALT" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --=====================_24822032==.ALT Content-Type: text/plain; charset="us-ascii"; format=flowed This note starts a Working Group Last Call for this Standards Track document ending on midnight April 2'nd UTZ 2009. URL for the document and its history: http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-dnsproxy/ We are planning to ask for publication as a BCP. We think that it does not update any RFC. Some may think that the recommendations in the document do in fact update a Standards Track document. If you believe that, please tell us the specific text you think is problematic, and what RFC it updates. Please read the document carefully, this is an important document that the DNS community can use to improve the behavior of an important segment of the industry. The document process rules in this working group, require that at least 5 members of the working to state that they have reviewed the document and there is consensus of support to publish it as a BCP. Notes: the final wording of section 4.5 will be determined during this last call. Some issues have been raised about SHOULD/MUST language in there, see http://ops.ietf.org/lists/namedroppers/namedroppers.2009/msg00289.html Olafur (for the chairs) --=====================_24822032==.ALT Content-Type: text/html; charset="us-ascii"
This note starts a Working Group Last Call for this Standards Track document
ending on midnight April 2'nd UTZ 2009.

URL for the document and its history:
http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-dnsproxy/

We are planning to ask for publication as a BCP.  We think that it does not
update any RFC.  Some may think that the recommendations in the document
do in fact update a Standards Track document.  If you believe that,
please tell us the specific text you think is problematic, and
what RFC it updates.

Please read the document carefully, this is an important document that
the DNS community can use to improve the behavior of an important segment of
the industry.

The document process rules in this working group, require that at least
5 members of the working to state that they have reviewed the document
and there is consensus of support to publish it as a BCP.

Notes: the final wording of section 4.5 will be determined during this last call.
Some issues have been raised about SHOULD/MUST language in there, see
http://ops.ietf.org/lists/namedroppers/namedroppers.2009/msg00289.html

        Olafur (for the chairs)

--=====================_24822032==.ALT-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Thu Mar 12 16:30:43 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CCCC53A6C29; Thu, 12 Mar 2009 16:30:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.6 X-Spam-Level: X-Spam-Status: No, score=-102.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Is6uVK2-WzKu; Thu, 12 Mar 2009 16:30:42 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 858063A6C2B; Thu, 12 Mar 2009 16:30:42 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhuH9-000HUo-0K for namedroppers-data0@psg.com; Thu, 12 Mar 2009 23:25:19 +0000 Received: from [2001:4f8:0:2::1c] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LhuH3-000HUQ-Nk for namedroppers@ops.ietf.org; Thu, 12 Mar 2009 23:25:15 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTPS id DBFB011402C for ; Thu, 12 Mar 2009 23:25:11 +0000 (UTC) (envelope-from Paul_Selkirk@isc.org) Received: by farside.isc.org (Postfix, from userid 10300) id 81F82E6074; Thu, 12 Mar 2009 23:25:11 +0000 (UTC) From: Paul Selkirk To: namedroppers@ops.ietf.org In-reply-to: <200903122231.n2CMVjXB033807@stora.ogud.com> Subject: Re: [dnsext] WGLC: DNS Proxy Implementation Guidelines References: <200903122231.n2CMVjXB033807@stora.ogud.com> Message-Id: <20090312232511.81F82E6074@farside.isc.org> Date: Thu, 12 Mar 2009 23:25:11 +0000 (UTC) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: I have read this draft, and I generally approve. However, there are a couple sections that left me puzzled. Given that this document is intended as guidance to the vendor community, it should probably be as clear as possible. 5.1. Domain Name Server (DHCP Option 6) It is therefore RECOMMENDED that gateways SHOULD support end-user configuration of values for the "Domain Name Server" DHCP option. As near as I can tell (after several close readings), what this is suggesting is that, if the DHCP client sends Option 6, the gateway's DHCP server should echo it back, rather than sending its own IP address. This means the DNS server option would be hardcoded in the DHCP client configuration, rather than being hardcoded in the stub resolver. 5.2. Domain Name (DHCP Option 15) Since no standard exists for a "local" scoped domain name suffix it is RECOMMENDED that the default value for this option SHOULD be empty, and that this option SHOULD NOT be sent to clients when no value is configured. I'm not sure what you're suggesting here. Don't misconfigure this option? paul -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From andren@axiowave.com Fri Mar 13 01:11:54 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F08713A6B0C; Fri, 13 Mar 2009 01:11:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.194 X-Spam-Level: X-Spam-Status: No, score=-2.194 tagged_above=-999 required=5 tests=[BAYES_95=3, DNS_FROM_OPENWHOIS=1.13, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, GB_ROLEX=5, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_PL=1.135, HOST_EQ_PL=1.95, J_CHICKENPOX_44=0.6, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX=1.666, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 89xwtrx9g5OW; Fri, 13 Mar 2009 01:11:47 -0700 (PDT) Received: from netpanel-87-246-193-135.umcs.akademiki.lublin.pl (netpanel-87-246-193-135.umcs.akademiki.lublin.pl [87.246.193.135]) by core3.amsl.com (Postfix) with SMTP id 749513A6AE6; Fri, 13 Mar 2009 01:11:38 -0700 (PDT) To: "Ivory Mcgowan" Date: Fri, 13 Mar 2009 04:12:17 -0500 Subject: You and a Longines watch Message-ID: From: "Annabelle Perdue" Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Why waste your hard-earned money on an expensive watch when you can have the next best thing for a tenth of its price? http://www.bevobuzof.cn At Exqu1site Reps we make it easy to get a Rolex, Cartier, Bvlgari or any brand name that you think of. As long as it is considered a high class watch, you will find it in our one of a kind store! http://www.bevobuzof.cn With so many watches that look and work like the real thing, I guarantee you'll have a delicious time finding yours at our store! From owner-namedroppers@ops.ietf.org Fri Mar 13 01:37:58 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8FA4B3A6891; Fri, 13 Mar 2009 01:37:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.123 X-Spam-Level: X-Spam-Status: No, score=-4.123 tagged_above=-999 required=5 tests=[AWL=-0.825, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rotV6vj9QRxq; Fri, 13 Mar 2009 01:37:51 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 34BE628C19E; Fri, 13 Mar 2009 01:37:51 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Li2nD-000HJE-4N for namedroppers-data0@psg.com; Fri, 13 Mar 2009 08:30:59 +0000 Received: from [213.248.199.24] (helo=mx4.nominet.org.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Li2my-000HIf-P7; Fri, 13 Mar 2009 08:30:55 +0000 DomainKey-Signature: s=main.dk.nominet.selector; d=nominet.org.uk; c=nofws; q=dns; h=X-IronPort-AV:Received:In-Reply-To:References:To:Cc: Subject:MIME-Version:X-Mailer:Message-ID:From:Date: X-MIMETrack:Content-Type; b=ULM4daaocch30kHCVyKtixWGHjNJqC1EyCAdQHv4ifRrRz3xwUqxRtSk LCNHAUGCKnOvfQMeXEa2N2ALQwGpUAJeU8IR61/5NfmFja8r3GaTj38QD tfpZ92P0q6C1MPf; DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nominet.org.uk; i=Ray.Bellis@nominet.org.uk; q=dns/txt; s=main.dkim.nominet.selector; t=1236933044; x=1268469044; h=from:sender:reply-to:subject:date:message-id:to:cc: mime-version:content-transfer-encoding:content-id: content-description:resent-date:resent-from:resent-sender: resent-to:resent-cc:resent-message-id:in-reply-to: references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:list-owner:list-archive; z=From:=20Ray.Bellis@nominet.org.uk|Subject:=20Re:=20[dnse xt]=20WGLC:=20DNS=20Proxy=20Implementation=20Guidelines |Date:=20Fri,=2013=20Mar=202009=2008:30:41=20+0000 |Message-ID:=20|To:=20Paul=20Selkirk=20< Paul_Selkirk@isc.org>|Cc:=20namedroppers@ops.ietf.org,=0D =0A=09owner-namedroppers@ops.ietf.org|MIME-Version:=201.0 |In-Reply-To:=20<20090312232511.81F82E6074@farside.isc.or g>|References:=20<200903122231.n2CMVjXB033807@stora.ogud. com>=20<20090312232511.81F82E6074@farside.isc.org>; bh=ddOvXP6UmzC48SYN74J1bYIww9X9mHJjjT71Yuxc5rk=; b=o0DOPcJ/CBNfZ8KpDWxfpjZxjIL3Kkc95W0YfA69qnXnyMlYqisl+0x3 2R6pqPZaZImxeZqCrHfIBEJCk9hJnTjEQSGhqdipgkUWvl2Aa2QNO6XCo R6nqkWEqW0zu7zL; X-IronPort-AV: E=Sophos;i="4.38,356,1233532800"; d="scan'208";a="8955296" Received: from notes1.nominet.org.uk ([213.248.197.128]) by mx4.nominet.org.uk with ESMTP; 13 Mar 2009 08:30:42 +0000 In-Reply-To: <20090312232511.81F82E6074@farside.isc.org> References: <200903122231.n2CMVjXB033807@stora.ogud.com> <20090312232511.81F82E6074@farside.isc.org> To: Paul Selkirk Cc: namedroppers@ops.ietf.org, owner-namedroppers@ops.ietf.org Subject: Re: [dnsext] WGLC: DNS Proxy Implementation Guidelines MIME-Version: 1.0 X-Mailer: Lotus Notes Build V85_M2_08202008 August 20, 2008 Message-ID: From: Ray.Bellis@nominet.org.uk Date: Fri, 13 Mar 2009 08:30:41 +0000 X-MIMETrack: Serialize by Router on notes1/Nominet(Release 7.0.1FP1 | May 25, 2006) at 13/03/2009 08:30:42 AM, Serialize complete at 13/03/2009 08:30:42 AM Content-Type: multipart/alternative; boundary="=_alternative 002EC16A80257578_=" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: This is a multipart message in MIME format. --=_alternative 002EC16A80257578_= Content-Type: text/plain; charset="US-ASCII" > 5.1. Domain Name Server (DHCP Option 6) > It is therefore RECOMMENDED that gateways SHOULD support end-user > configuration of values for the "Domain Name Server" DHCP option. > > As near as I can tell (after several close readings), what this is > suggesting is that, if the DHCP client sends Option 6, the gateway's > DHCP server should echo it back, rather than sending its own IP > address. This means the DNS server option would be hardcoded in the > DHCP client configuration, rather than being hardcoded in the stub > resolver. It's nothing to do with echoing any Option 6 supplied by the DHCP client. It means hard-coded in the gateway's GUI, such that any mobile client can still learn the correct settings. > 5.2. Domain Name (DHCP Option 15) > Since no standard exists for a "local" scoped domain name suffix it > is RECOMMENDED that the default value for this option SHOULD be > empty, and that this option SHOULD NOT be sent to clients when no > value is configured. > > I'm not sure what you're suggesting here. Don't misconfigure this > option? In particular, it means don't put in something like '.vendor'. Ray --=_alternative 002EC16A80257578_= Content-Type: text/html; charset="US-ASCII"
> 5.1.  Domain Name Server (DHCP Option 6)
>    It is therefore RECOMMENDED that gateways SHOULD support end-user
>    configuration of values for the "Domain Name Server" DHCP option.
>
> As near as I can tell (after several close readings), what this is
> suggesting is that, if the DHCP client sends Option 6, the gateway's
> DHCP server should echo it back, rather than sending its own IP
> address.  This means the DNS server option would be hardcoded in the
> DHCP client configuration, rather than being hardcoded in the stub
> resolver.

It's nothing to do with echoing any Option 6 supplied by the DHCP client.

It means hard-coded in the gateway's GUI, such that any mobile client can still learn the correct settings.

> 5.2.  Domain Name (DHCP Option 15)
>    Since no standard exists for a "local" scoped domain name suffix it
>    is RECOMMENDED that the default value for this option SHOULD be
>    empty, and that this option SHOULD NOT be sent to clients when no
>    value is configured.
>
> I'm not sure what you're suggesting here.  Don't misconfigure this
> option?
In particular, it means don't put in something like '.vendor'.

Ray

--=_alternative 002EC16A80257578_=-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From et@thenapavalleyreserve.com Fri Mar 13 01:59:22 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 21FA228C1E6; Fri, 13 Mar 2009 01:59:22 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.353 X-Spam-Level: X-Spam-Status: No, score=-0.353 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_DYNAMIC=1.144, J_CHICKENPOX_44=0.6, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_RECV_SPAM_DOMN0b=1.666, SARE_SPEC_ROLEX_NOV5A=1.062, SARE_SUB_PERFECT=0.725, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xDL2-ekzHXVb; Fri, 13 Mar 2009 01:59:15 -0700 (PDT) Received: from 218-169-1-227.dynamic.hinet.net (218-169-1-227.dynamic.hinet.net [218.169.1.227]) by core3.amsl.com (Postfix) with SMTP id E87243A6931; Fri, 13 Mar 2009 01:58:17 -0700 (PDT) Message-ID: <4796oi4008directory@ietf.org> From: "Elise Elder" To: "Brenda Alston" X-Originating-IP: 240.232.212.158 by 169.84.121.160; Fri, 13 Mar 2009 05:55:56 -0400 Subject: Rep watch is a perfect gift Date: Fri, 13 Mar 2009 04:58:56 -0500 Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Have you been dreaming about owning an expensive designer watch? Now you can, just without the high price tag! http://www.lewiwihof.cn At Exqu1site Reps we specialize in fine watches imitations, offering our customers the same beauty and craftsmanship that an original carries, matched by a ridiculously low price that is sometimes hard to believe, but very much true! http://www.lewiwihof.cn Get ready to feel like a kid in a candy store when you see our incredible collection of fine reproduction timepieces at Exqu1site Reps! Come on, get started now! From owner-namedroppers@ops.ietf.org Fri Mar 13 08:30:34 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2FBAE28C1BC; Fri, 13 Mar 2009 08:30:34 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.45 X-Spam-Level: X-Spam-Status: No, score=-5.45 tagged_above=-999 required=5 tests=[AWL=-0.702, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rBlYydHMJ9qG; Fri, 13 Mar 2009 08:30:26 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id F2DE228C177; Fri, 13 Mar 2009 08:30:24 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Li9A9-000B5F-KE for namedroppers-data0@psg.com; Fri, 13 Mar 2009 15:19:05 +0000 Received: from [192.150.186.11] (helo=fruitcake.ICSI.Berkeley.EDU) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Li9A4-000B4v-Nl for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 15:19:03 +0000 Received: from [IPv6:::1] (fruitcake [192.150.186.11]) by fruitcake.ICSI.Berkeley.EDU (8.12.11.20060614/8.12.11) with ESMTP id n2DFIBk1004723; Fri, 13 Mar 2009 08:18:11 -0700 (PDT) Cc: Nicholas Weaver , namedroppers@ops.ietf.org Message-Id: <418B0E20-483C-4DE8-AFCE-300926DB3EE8@icsi.berkeley.edu> From: Nicholas Weaver To: =?ISO-8859-1?Q?=D3lafur_Gu=F0mundsson_/DNSEXT_chair?= In-Reply-To: <200903122231.n2CMVjXB033807@stora.ogud.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed; delsp=yes Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Apple Message framework v930.3) Subject: Re: [dnsext] WGLC: DNS Proxy Implementation Guidelines Date: Fri, 13 Mar 2009 08:18:50 -0700 References: <200903122231.n2CMVjXB033807@stora.ogud.com> X-Mailer: Apple Mail (2.930.3) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: I've read this document and am generally happy with it. No nits/etc jumped out at me either, either on a reread or looking at =20= the DIFFs. On Mar 12, 2009, at 3:21 PM, =D3lafur Gu=F0mundsson /DNSEXT chair wrote: > > This note starts a Working Group Last Call for this Standards Track =20= > document > ending on midnight April 2'nd UTZ 2009. > > URL for the document and its history: > http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-dnsproxy/ > > We are planning to ask for publication as a BCP. We think that it =20 > does not > update any RFC. Some may think that the recommendations in the =20 > document > do in fact update a Standards Track document. If you believe that, > please tell us the specific text you think is problematic, and > what RFC it updates. > > Please read the document carefully, this is an important document that > the DNS community can use to improve the behavior of an important =20 > segment of > the industry. > > The document process rules in this working group, require that at =20 > least > 5 members of the working to state that they have reviewed the document > and there is consensus of support to publish it as a BCP. > > Notes: the final wording of section 4.5 will be determined during =20 > this last call. > Some issues have been raised about SHOULD/MUST language in there, see > http://ops.ietf.org/lists/namedroppers/namedroppers.2009/msg00289.html > > Olafur (for the chairs) > -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 08:56:45 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6DAA43A699F; Fri, 13 Mar 2009 08:56:45 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -7.726 X-Spam-Level: X-Spam-Status: No, score=-7.726 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_EQ_MODEMCABLE=0.768, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AIY3nsbFOMeE; Fri, 13 Mar 2009 08:56:39 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 49B463A69A8; Fri, 13 Mar 2009 08:56:39 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Li9fO-000CXu-8Q for namedroppers-data0@psg.com; Fri, 13 Mar 2009 15:51:22 +0000 Received: from [24.40.8.145] (helo=pacdcimo01.cable.comcast.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Li9fJ-000CXa-Ou for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 15:51:19 +0000 Received: from ([24.40.15.92]) by pacdcimo01.cable.comcast.com with ESMTP id 5503620.30000009; Fri, 13 Mar 2009 10:51:07 -0500 Received: from PACDCEXCMB06.cable.comcast.com ([24.40.15.22]) by PACDCEXCSMTP03.cable.comcast.com with Microsoft SMTPSVC(6.0.3790.3959); Fri, 13 Mar 2009 11:51:07 -0400 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C9A3F3.7B948E3E" Subject: RE: [dnsext] WGLC: DNS Proxy Implementation Guidelines Date: Fri, 13 Mar 2009 11:51:30 -0400 Message-ID: In-Reply-To: <200903122231.n2CMVjXB033807@stora.ogud.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [dnsext] WGLC: DNS Proxy Implementation Guidelines Thread-Index: AcmjZHTDqGC+4W62Qo6G8858ZG3cfQAjKyUA References: <200903122231.n2CMVjXB033807@stora.ogud.com> From: "Griffiths, Chris" To: X-OriginalArrivalTime: 13 Mar 2009 15:51:07.0670 (UTC) FILETIME=[85F6E360:01C9A3F3] Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: This is a multi-part message in MIME format. ------_=_NextPart_001_01C9A3F3.7B948E3E Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hello, =20 I have read through the latest version of the draft and I want to voice my support for this document. It is very important that we get a set of guidelines on DNS proxies particularly with gateways given the current lack of support for EDNS0, DNSSEC, etc for these types of devices. I also support the standardized approach of allowing users to set transparency to enable support for sending queries directly to caching name servers up stream as detailed in section 3 and 5.1 in the draft instead of forcing the end user to only use the proxy. =20 Thanks=20 ------_=_NextPart_001_01C9A3F3.7B948E3E Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hello,

 

I have read through the latest version of the draft and I = want to voice my support for this document.  It is very important that we = get a set of guidelines on DNS proxies particularly with gateways given the = current lack of support for EDNS0, DNSSEC, etc for these types of devices.  = I also support the standardized approach of allowing users to set transparency = to enable support for sending queries directly to caching name servers up = stream as detailed in section 3 and 5.1 in the draft instead of forcing the end = user to only use the proxy.

 

Thanks

------_=_NextPart_001_01C9A3F3.7B948E3E-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 08:57:05 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2B9043A6A01; Fri, 13 Mar 2009 08:57:05 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.847 X-Spam-Level: X-Spam-Status: No, score=-0.847 tagged_above=-999 required=5 tests=[AWL=-0.353, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XmLUfZwANxO9; Fri, 13 Mar 2009 08:56:59 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 57CF63A69E0; Fri, 13 Mar 2009 08:56:59 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Li9eX-000CV0-4q for namedroppers-data0@psg.com; Fri, 13 Mar 2009 15:50:29 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Li9eP-000CTw-UZ for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 15:50:26 +0000 Received: from [0.0.0.0] (mail.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n2DFoEpS041688; Fri, 13 Mar 2009 11:50:14 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: Date: Fri, 13 Mar 2009 11:47:32 -0400 To: namedroppers@ops.ietf.org From: Edward Lewis Subject: [dnsext] question on RFC 5011, section 2.4.3 Cc: ed.lewis@neustar.biz Content-Type: multipart/alternative; boundary="============_-975163082==_ma============" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --============_-975163082==_ma============ Content-Type: text/plain; charset="us-ascii" ; format="flowed" #2.4.3. Minimum Trust Anchors per Trust Point # # A compliant resolver MUST be able to manage at least five SEP keys # per trust point. Does this mean that any delegation has to accommodate "at least five" DS records? And, is this minimum per algorithm? Like, 5 RSA-SHA1's and 5 DSA-NSEC3-SHA1's? -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Getting everything you want is easy if you don't want much. --============_-975163082==_ma============ Content-Type: text/html; charset="us-ascii" question on RFC 5011, section 2.4.3
#2.4.3.  Minimum Trust Anchors per Trust Point
#
#   A compliant resolver MUST be able to manage at least five SEP keys
#   per trust point.
Does this mean that any delegation has to accommodate "at least five" DS records?

And, is this minimum per algorithm?  Like, 5 RSA-SHA1's and 5 DSA-NSEC3-SHA1's?

--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis             
NeuStar                    You can leave a voice message at +1-571-434-5468

Getting everything you want is easy if you don't want much.
--============_-975163082==_ma============-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 09:17:06 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8E6723A687F; Fri, 13 Mar 2009 09:17:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.445 X-Spam-Level: X-Spam-Status: No, score=-0.445 tagged_above=-999 required=5 tests=[AWL=-0.250, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wckl-rwNLWsI; Fri, 13 Mar 2009 09:17:05 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id BC9533A65A5; Fri, 13 Mar 2009 09:17:05 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Li9ze-000Dbm-D9 for namedroppers-data0@psg.com; Fri, 13 Mar 2009 16:12:18 +0000 Received: from [217.147.82.63] (helo=mail.avalus.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Li9zZ-000Db8-Q7 for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 16:12:16 +0000 Received: from [192.168.100.48] (localhost [127.0.0.1]) by mail.avalus.com (Postfix) with ESMTP id 2FC30C2DA3; Fri, 13 Mar 2009 16:12:11 +0000 (GMT) Date: Fri, 13 Mar 2009 16:12:09 +0000 From: Alex Bligh Reply-To: Alex Bligh To: =?UTF-8?Q?=C3=93lafur_Gu=C3=B0mundsson_=2FDNSEXT_chair?= , namedroppers@ops.ietf.org cc: Alex Bligh Subject: Re: [dnsext] WGLC: DNS Proxy Implementation Guidelines Message-ID: <20AE779C8B1E992A51D6163C@nimrod.local> In-Reply-To: <200903122231.n2CMVjXB033807@stora.ogud.com> References: <200903122231.n2CMVjXB033807@stora.ogud.com> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --On 12 March 2009 18:21:50 -0400 "=C3=93lafur Gu=C3=B0mundsson /DNSEXT = chair"=20 wrote: > Please read the document carefully, this is an important document that > the DNS community can use to improve the behavior of an important segment > of the industry. > > The document process rules in this working group, require that at least > 5 members of the working to state that they have reviewed the document > and there is consensus of support to publish it as a BCP. I have reviewed this document. I support its publication as a BCP. I suspect there may be scope for an RFC with many of the recommendations in here made mandatory; I do not, however, think this should impede publication of this document as a BCP. Alex -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 09:18:37 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5F18728C1E4; Fri, 13 Mar 2009 09:18:37 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.495 X-Spam-Level: X-Spam-Status: No, score=-0.495 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6BEw7Nh-AOJi; Fri, 13 Mar 2009 09:18:36 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 7C6723A6954; Fri, 13 Mar 2009 09:18:36 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiA37-000Dpa-KE for namedroppers-data0@psg.com; Fri, 13 Mar 2009 16:15:53 +0000 Received: from [66.102.165.8] (helo=atlmtaow03.cingularme.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiA32-000Dp9-Hf for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 16:15:50 +0000 Received: from [10.49.77.144] (really [32.144.181.204]) by atlmtaow03.cingularme.com (InterMail vM.6.01.04.00 201-2131-118-20041027) with ESMTP id <20090313161545.RZKI10574.atlmtaow03.cingularme.com@[10.49.77.144]>; Fri, 13 Mar 2009 12:15:45 -0400 References: Message-Id: From: Michael Graff To: Edward Lewis In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit X-Mailer: iPhone Mail (5H11) Mime-Version: 1.0 (iPhone Mail 5H11) Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Date: Fri, 13 Mar 2009 11:15:30 -0500 Cc: "namedroppers@ops.ietf.org" , "ed.lewis@neustar.biz" X-Cloudmark-Analysis: v=1.0 c=1 a=k3af7F-rB54A:10 a=s9w5D3q5qWsA:10 a=iAUzt4vIkvsRNflki7TMoA==:17 a=4PiQRpMRPvkOHQxlPAQA:9 a=5bmv3mbv30n7r0s1TZHQktHXyeAA:4 a=9k6G2--EmesA:10 a=CWfAmLVWKswA:10 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: I'm actually wondering the same thing but from a dlv point of view. I am not certain 5011 is intending to be used at the ds or dlv level at all, but only for otherwise hard-configured trust anchors? Adding this rollover to Isc's dlv will, at first glance, require some changes. I find the more interesting question to be which dlv to publish when a revoke is detected. It changes the key tag, so do we publish the old dlv or a new one or both? My first take is old one for the hold down period then nothing for that key. --Michael On Mar 13, 2009, at 10:47, Edward Lewis wrote: > #2.4.3. Minimum Trust Anchors per Trust Point > # > # A compliant resolver MUST be able to manage at least five SEP keys > # per trust point. > Does this mean that any delegation has to accommodate "at least > five" DS records? > > And, is this minimum per algorithm? Like, 5 RSA-SHA1's and 5 DSA- > NSEC3-SHA1's? > > -- > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > =-=-=- > Edward Lewis > NeuStar You can leave a voice message at +1-571-434-5468 > > Getting everything you want is easy if you don't want much. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 09:26:18 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3B9913A6A01; Fri, 13 Mar 2009 09:26:18 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.135 X-Spam-Level: X-Spam-Status: No, score=-0.135 tagged_above=-999 required=5 tests=[AWL=-1.037, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=1.396, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xlgj9M89t5dm; Fri, 13 Mar 2009 09:26:17 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 0C4413A65A5; Fri, 13 Mar 2009 09:26:17 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiA8S-000E6w-8Z for namedroppers-data0@psg.com; Fri, 13 Mar 2009 16:21:24 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiA8M-000E6B-Th for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 16:21:21 +0000 Received: from [0.0.0.0] (gatt.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n2DGLCop042020; Fri, 13 Mar 2009 12:21:12 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <200903122231.n2CMVjXB033807@stora.ogud.com> References: <200903122231.n2CMVjXB033807@stora.ogud.com> Date: Fri, 13 Mar 2009 12:21:09 -0400 To: namedroppers@ops.ietf.org From: Edward Lewis Subject: Re: [dnsext] WGLC: DNS Proxy Implementation Guidelines Cc: ed.lewis@neustar.biz Content-Type: multipart/alternative; boundary="============_-975161224==_ma============" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --============_-975161224==_ma============ Content-Type: text/plain; charset="iso-8859-1" ; format="flowed" Content-Transfer-Encoding: quoted-printable At 18:21 -0400 3/12/09, =D3lafur Gu=F0mundsson /DNSEXT chair wrote: This note starts a Working Group Last Call for this Standards Track document ending on midnight April 2'nd UTZ 2009. URL for the document and its history: http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-dnsproxy/ Re-reading this, it is much more clear to me that=20 this applies to broadband gateways. (Last time I=20 was thinking stateful firewalls and such.)=20 Knowing that this document talks about things=20 like broadband joining devices increases the=20 readability. I have one suggestion, and I mean this as a=20 suggestion. I think the title should be changed=20 to: DNS Broadband Proxy Implementation Guidelines (addition of "Broadband") I know this sounds a little petty, but in the=20 history of this WG a lot of good work has gone=20 into documents that were given grand titles and=20 drew criticism because the work was focused on=20 something particular. In this revision, the=20 abstract and intro do a good job of limiting the=20 scope. -- -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D= -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Getting everything you want is easy if you don't want much. --============_-975161224==_ma============ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Re: [dnsext] WGLC: DNS Proxy Implementation Guidelines
At 18:21 -0400 3/12/09, =D3lafur Gu=F0mundsson /DNSEXT
 chair wrote:
This note starts a Working Group Last Call for this Standards Track document
ending on midnight April 2'nd UTZ 2009.
URL for the document and its history:
 http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-dnsproxy/


Re-reading this, it is much more clear to me that this applies to broadband gateways.  (Last time I was thinking stateful firewalls and such.)  Knowing that this document talks about things like broadband joining devices increases the readability.

I have one suggestion, and I mean this as a suggestion.  I think the title should be changed to:

               DNS Broadband Proxy Implementation Guidelines

(addition of "Broadband")

I know this sounds a little petty, but in the history of this WG a lot of good work has gone into documents that were given grand titles and drew criticism because the work was focused on something particular.  In this revision, the abstract and intro do a good job of limiting the scope.
--
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-= =3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Edward Lewis             
NeuStar                    You can leave a voice message at +1-571-434-5468

Getting everything you want is easy if you don't want much.
--============_-975161224==_ma============-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 09:52:08 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AF7103A69E0; Fri, 13 Mar 2009 09:52:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.495 X-Spam-Level: X-Spam-Status: No, score=-0.495 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3Q5Mtma9omZ2; Fri, 13 Mar 2009 09:52:08 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id E7D2D3A65A5; Fri, 13 Mar 2009 09:52:07 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiAXv-000FhE-AJ for namedroppers-data0@psg.com; Fri, 13 Mar 2009 16:47:43 +0000 Received: from [192.96.22.18] (helo=citadel.cequrux.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiAXf-000FfD-D4 for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 16:47:38 +0000 Received: (from nobody@localhost) by citadel.cequrux.com (8.12.11/8.12.11) id n2DGlIub064991 for ; Fri, 13 Mar 2009 18:47:18 +0200 (SAST) (envelope-from apb@cequrux.com) Received: by citadel.cequrux.com via recvmail id 64580; Fri, 13 Mar 2009 18:39:36 +0200 (SAST) Date: Fri, 13 Mar 2009 18:39:32 +0200 From: Alan Barrett To: namedroppers@ops.ietf.org Subject: Re: [dnsext] WGLC: DNS Proxy Implementation Guidelines Message-ID: <20090313163932.GB19556@apb-laptoy.apb.alt.za> References: <200903122231.n2CMVjXB033807@stora.ogud.com> <20090312232511.81F82E6074@farside.isc.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20090312232511.81F82E6074@farside.isc.org> Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Thu, 12 Mar 2009, Paul Selkirk wrote: > I have read this draft, and I generally approve. However, there are a > couple sections that left me puzzled. Given that this document is > intended as guidance to the vendor community, it should probably be as > clear as possible. > > 5.1. Domain Name Server (DHCP Option 6) > It is therefore RECOMMENDED that gateways SHOULD support end-user > configuration of values for the "Domain Name Server" DHCP option. "end user" here means "the administrator of the gateway device", not "the user of some other device that is a dhcp client of the gateway". Perhaps this and other uses of the term "end user" should be edited for clarity. --apb (Alan Barrett) -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 10:42:56 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B790C3A6909; Fri, 13 Mar 2009 10:42:56 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -101.385 X-Spam-Level: X-Spam-Status: No, score=-101.385 tagged_above=-999 required=5 tests=[AWL=1.215, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4Ru7iLzIm42W; Fri, 13 Mar 2009 10:42:55 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id F316E3A688B; Fri, 13 Mar 2009 10:42:45 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiBJv-000Hzv-T0 for namedroppers-data0@psg.com; Fri, 13 Mar 2009 17:37:19 +0000 Received: from [2001:4f8:0:2::1c] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiBJq-000HzP-Nd for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 17:37:16 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTPS id AA9FE11402C; Fri, 13 Mar 2009 17:37:11 +0000 (UTC) (envelope-from Evan_Hunt@isc.org) Received: by farside.isc.org (Postfix, from userid 10292) id 85951E607C; Fri, 13 Mar 2009 17:37:11 +0000 (UTC) Date: Fri, 13 Mar 2009 17:37:11 +0000 From: Evan Hunt To: Edward Lewis Cc: namedroppers@ops.ietf.org Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Message-ID: <20090313173711.GB96582@isc.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.3i Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > #2.4.3. Minimum Trust Anchors per Trust Point > # > # A compliant resolver MUST be able to manage at least five SEP keys > # per trust point. > > Does this mean that any delegation has to accommodate "at least five" > DS records? My reading of this is that it refers to the resolver/validator, not to the authoritative zone or its parent. The resolver maintains, in local storage, a set of trust anchors for a given trust point. If a new, properly-validated key is added to the DNSKEY RRset seen at the zone apex, then the resolver adds that key to its local storage, and eventually begins using it as a trust anchor. If an key at the zone apex is marked revoked, then the resolver stops using it as a trust anchor, and eventually deletes it from local storage. This implies there has to be space in local storage for multiple keys per trust point; the RFC sets a minimum size. DS is... sort of orthogonal to this. 5011 addresses *trust anchors*--that is, the *top* of an island of security. If your zone has a signed parent, it's not an island; so long as my resolver has a trust anchor for your parent, I don't need to maintain one for *you*. 5011 has little, if anything, to say about the delegation. But, I'm sure it will happen that a zone with a signed parent will want to support 5011 anyway. (In fact, I already know of one: dlv.isc.org.) However, I don't think this changes things for the parents much. A child may have multiple KSKs in its DNSKEY RRset, but the parent still only needs to publish a DS record for the active one. It might be a good idea to support advance publication of the stand-by key, so that key rollover events run more smoothly, but this is optional. In any case, unless I've overlooked something, I don't see why a delegation would ever need to support DS records for more than two keys at a time. -- Evan Hunt -- each@isc.org Internet Systems Consortium, Inc. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 10:51:51 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B8A1628C0EE; Fri, 13 Mar 2009 10:51:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.792 X-Spam-Level: X-Spam-Status: No, score=-0.792 tagged_above=-999 required=5 tests=[AWL=-0.297, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j8VTiAc+jXn5; Fri, 13 Mar 2009 10:51:51 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id BA9173A6927; Fri, 13 Mar 2009 10:51:49 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiBTg-000IiC-3S for namedroppers-data0@psg.com; Fri, 13 Mar 2009 17:47:24 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiBTQ-000Igm-IP for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 17:47:13 +0000 Received: from [0.0.0.0] (ns.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n2DHkvar042740; Fri, 13 Mar 2009 13:46:58 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <20090313173711.GB96582@isc.org> References: <20090313173711.GB96582@isc.org> Date: Fri, 13 Mar 2009 13:46:55 -0400 To: Evan Hunt From: Edward Lewis Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Cc: Edward Lewis , namedroppers@ops.ietf.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: At 17:37 +0000 3/13/09, Evan Hunt wrote: >In any case, unless I've overlooked something, I don't see why a delegation >would ever need to support DS records for more than two keys at a time. ...per algorithm? In either case, I'm uneasy trying to meet only the minimum requirements here. For one, security makes things brittle, we don't want to make things to tight. Also, we are only beginning to get around to operational experience and that's a better way to determine how things will work than what we have so far. I can imagine a single DS to multiple KEYs, two DS to one key, and other configurations. DNSSEC was designed to allow multiple different keys to sign a zone and that shouldn't be cut off because we think we can be more efficient with allowing minimal keys and DSs. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Getting everything you want is easy if you don't want much. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 11:11:23 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0CBF53A6878; Fri, 13 Mar 2009 11:11:23 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.127 X-Spam-Level: X-Spam-Status: No, score=0.127 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ixdwI+Px3qAp; Fri, 13 Mar 2009 11:11:22 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 1B69F3A67AF; Fri, 13 Mar 2009 11:11:22 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiBkJ-000K7o-JT for namedroppers-data0@psg.com; Fri, 13 Mar 2009 18:04:35 +0000 Received: from [209.85.217.164] (helo=mail-gx0-f164.google.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiBkE-000K6l-9q for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 18:04:32 +0000 Received: by gxk8 with SMTP id 8so3410173gxk.17 for ; Fri, 13 Mar 2009 11:04:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; bh=mjN8CDUJjAEFlHpaeu5rC8HuRcWiVpvll6qKAa4wHos=; b=uylJWeUmTlSy1twVOpG6hEG6+uW4Uz+Txotf6yg1aN08sE3IA1US5vBn557fAHt8yK uon2wM4q3xVN+0Ha3vtrQG6gV5se4nt5SnJ4lTUFBbEJ1Y6KBDRx4/BFaz+QgUyL0+8j 00MM13HMktne9+6U+6GQoSv8IBUPJLIQS6TeQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:date:x-google-sender-auth:message-id:subject :from:to:content-type:content-transfer-encoding; b=SJHtnn199N6CDq5NT24D57hCD/zNbzNckbjD6Cd5S4Hw+2+6uZq8flia8ZoJTSopt3 p2En4vRH1jXWJ64ZKqmXvoYKYYwjZ3La6pC+xjWYbUcUrgozzQmv2M4ba5GWomRSvkmr +w7W454SiulmnhMBHr7+FlW408UPj1FCFIGvA= MIME-Version: 1.0 Received: by 10.150.229.5 with SMTP id b5mr2600585ybh.96.1236967469737; Fri, 13 Mar 2009 11:04:29 -0700 (PDT) Date: Fri, 13 Mar 2009 12:04:29 -0600 X-Google-Sender-Auth: a07f03c15942a297 Message-ID: Subject: Re: [dnsext] WGLC: DNS Proxy Implementation Guidelines From: Francisco Arias To: namedroppers@ops.ietf.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: I read the document and I support it in general. I just have an small suggestion. In section 5.3 is written: " Another possibility is that the learnt upstream values might be persisted in non-volatile memory such that on reboot the same values can be automatically offered via DHCP. However this does run the risk that incorrect values are initially offered if the device is moved or connected to another ISP." I suggest removing this paragraph because of the very same reason that is stated in the last sentence of the paragraph. I think is a much better option to have short lived DHCP leases as mentioned later on the document. Even the option of offering the proxy's own IP as the DNS server is better than the option described in the aforementioned paragraph. Regards, fjac ________________________________ > Date: Thu, 12 Mar 2009 18:21:50 -0400 > To: namedroppers@ops.ietf.org > From: ogud@ogud.com > Subject: [dnsext] WGLC: DNS Proxy Implementation Guidelines > > This note starts a Working Group Last Call for this > Standards Track document ending on midnight April 2'nd UTZ 2009. > > URL for the document and its history: > > http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-dnsproxy/ > > We are planning to ask for publication as a BCP. We think that > it does not update any RFC. Some may think that the recommendations in the > document do in fact update a Standards Track document. If you believe that, > please tell us the specific text you think is problematic, and what RFC it updates. > > Please read the document carefully, this is an important document that > the DNS community can use to improve the behavior of an important segment > of the industry. > > The document process rules in this working group, require that at > least 5 members of the working to state that they have reviewed the > document and there is consensus of support to publish it as a BCP. > > Notes: the final wording of section 4.5 will be determined during this > last call. > > Some issues have been raised about SHOULD/MUST language in there, see > > http://ops.ietf.org/lists/namedroppers/namedroppers.2009/msg00289.html > > > Olafur > (for the chairs) -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 11:16:50 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5319D3A6909; Fri, 13 Mar 2009 11:16:50 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.734 X-Spam-Level: X-Spam-Status: No, score=-0.734 tagged_above=-999 required=5 tests=[AWL=-0.597, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 94uSjJ6SjlTM; Fri, 13 Mar 2009 11:16:49 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 7C9AA3A67AF; Fri, 13 Mar 2009 11:16:49 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiBpf-000Kh2-9g for namedroppers-data0@psg.com; Fri, 13 Mar 2009 18:10:07 +0000 Received: from [76.96.62.17] (helo=QMTA10.westchester.pa.mail.comcast.net) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiBpZ-000Kga-Ii for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 18:10:04 +0000 Received: from OMTA05.westchester.pa.mail.comcast.net ([76.96.62.43]) by QMTA10.westchester.pa.mail.comcast.net with comcast id ShSN1b0080vyq2s5AiA2dR; Fri, 13 Mar 2009 18:10:02 +0000 Received: from MIKES-LAPTOM.comcast.net ([68.48.0.201]) by OMTA05.westchester.pa.mail.comcast.net with comcast id SiA11b0084LCBKY3RiA1EM; Fri, 13 Mar 2009 18:10:02 +0000 X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Fri, 13 Mar 2009 14:10:02 -0400 To: Alfred =?hp-roman8?B?SM5uZXM=?= ,namedroppers@ops.ietf.org From: Michael StJohns Subject: Re: [dnsext] IANA considerations in the RSA-SHA2 draft In-Reply-To: <200903121815.TAA13279@TR-Sys.de> References: <200903121815.TAA13279@TR-Sys.de> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Message-Id: At 02:15 PM 3/12/2009, Alfred =?hp-roman8?B?SM5uZXM=?= wrote: >Therefore, with respect to the title of the draft, I regard any >statement on the applicability of the newly specified DNSSEC >algorithms to TSIG as out-of-scope for this draft. >Related considerations should be left to a future independent >specification, which naturally could make a normative reference >to this document, if desired. I think Ed was making a specific statement about the expected response from IANA for the registry and I think he's correct. Simply leaving the column empty (or in the case of the document, omitting it) looks like it was just overlooked in the document. I'd suggest making an explicit entry in the table of "*" for the transaction security column and have a related footnote (for the table) that "*" means "There has been no determination of standardization of the use of this algorithm with transaction security" or something along those lines. This completes the table AND provides an explanation for while the column isn't Y or N which should make IANA happy. Mike. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 11:25:37 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 488053A67AF; Fri, 13 Mar 2009 11:25:37 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -101.559 X-Spam-Level: X-Spam-Status: No, score=-101.559 tagged_above=-999 required=5 tests=[AWL=1.041, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6LxpEq+VUd0e; Fri, 13 Mar 2009 11:25:36 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 3A5D33A6855; Fri, 13 Mar 2009 11:25:36 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiC1R-000Lfg-Ts for namedroppers-data0@psg.com; Fri, 13 Mar 2009 18:22:17 +0000 Received: from [2001:4f8:0:2::1c] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiC1N-000LfH-0O for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 18:22:15 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTPS id 31DF011402C; Fri, 13 Mar 2009 18:22:06 +0000 (UTC) (envelope-from Evan_Hunt@isc.org) Received: by farside.isc.org (Postfix, from userid 10292) id 0AB8EE607B; Fri, 13 Mar 2009 18:22:06 +0000 (UTC) Date: Fri, 13 Mar 2009 18:22:05 +0000 From: Evan Hunt To: Edward Lewis Cc: namedroppers@ops.ietf.org Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Message-ID: <20090313182205.GE96582@isc.org> References: <20090313173711.GB96582@isc.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.3i Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: > >In any case, unless I've overlooked something, I don't see why a delegation > >would ever need to support DS records for more than two keys at a time. > > ...per algorithm? That would seem advisable, yes. > In either case, I'm uneasy trying to meet only the minimum > requirements here. I agree, but I thought we were speaking of minimum requirements. :) > DNSSEC was designed to allow multiple different keys to sign a zone and > that shouldn't be cut off because we think we can be more efficient with > allowing minimal keys and DSs. At the protocol level, I don't think there's any problem. A parent can hold as many DS records for a child zone as it likes (subject to disk space and bandwidth), just as it can hold as many NS records as it likes. But a registry may place arbitrary operational limits on the number of DS records that can be submitted into a TLD. That's the point I was addressing--how small a limit can they set and have the system still work well. IMHO a registry MUST allow enough DS records for one KSK, SHOULD allow enough for two, and MAY allow more than that. But it's not 5011 saying so; 5011 doesn't address this. It's just me making a suggestion. -- Evan Hunt -- each@isc.org Internet Systems Consortium, Inc. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 11:27:16 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E0D0828C126; Fri, 13 Mar 2009 11:27:16 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.824 X-Spam-Level: X-Spam-Status: No, score=-0.824 tagged_above=-999 required=5 tests=[AWL=-0.388, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, HTML_MESSAGE=0.001, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zBF6ZzDr7cb8; Fri, 13 Mar 2009 11:27:16 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id F02D828C16A; Fri, 13 Mar 2009 11:27:15 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiBz5-000LVx-Pb for namedroppers-data0@psg.com; Fri, 13 Mar 2009 18:19:51 +0000 Received: from [76.96.62.40] (helo=QMTA04.westchester.pa.mail.comcast.net) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiBz1-000LVU-B7 for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 18:19:49 +0000 Received: from OMTA04.westchester.pa.mail.comcast.net ([76.96.62.35]) by QMTA04.westchester.pa.mail.comcast.net with comcast id ScJp1b0050ldTLk54iKnY7; Fri, 13 Mar 2009 18:19:47 +0000 Received: from MIKES-LAPTOM.comcast.net ([68.48.0.201]) by OMTA04.westchester.pa.mail.comcast.net with comcast id SiKm1b0044LCBKY3QiKmwY; Fri, 13 Mar 2009 18:19:47 +0000 X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Fri, 13 Mar 2009 14:19:47 -0400 To: Edward Lewis ,namedroppers@ops.ietf.org From: Michael StJohns Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Cc: ed.lewis@neustar.biz In-Reply-To: References: Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="=====================_65365859==.ALT" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Message-Id: --=====================_65365859==.ALT Content-Type: text/plain; charset="us-ascii" I wrote it to mean 5 SEP keys which could be provided/stored either as DS or DNSKEY or bare. Remember that 5011 only sees DNSKEY records when considering whether or not to update a resolvers trust point state. And its the minimum per trust point, not per algorithm... It maybe should have been per algorithm, but since the trust point only needs one valid signature over the apex DNSKEY RRSet it's unclear this is needed. Hmm.. ok - here's a question. Does the collection of algorithms in set of trust anchors define the algorithms with which the zone must be signed or is it the collection of algorithms in the apex DNSKEY RRSet that defines those algorithms and why? The 5011 assumption is that it's the latter. At 11:47 AM 3/13/2009, Edward Lewis wrote: >#2.4.3. Minimum Trust Anchors per Trust Point ># ># A compliant resolver MUST be able to manage at least five SEP keys ># per trust point. >Does this mean that any delegation has to accommodate "at least five" DS records? > >And, is this minimum per algorithm? Like, 5 RSA-SHA1's and 5 DSA-NSEC3-SHA1's? > > >-- >-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >Edward Lewis >NeuStar You can leave a voice message at +1-571-434-5468 > >Getting everything you want is easy if you don't want much. --=====================_65365859==.ALT Content-Type: text/html; charset="us-ascii" I wrote it to mean 5 SEP keys which could be provided/stored either as DS or DNSKEY or bare. Remember that 5011 only sees DNSKEY records when considering whether or not to update a resolvers trust point state.

And its the minimum per trust point, not per algorithm...   It maybe should have been per algorithm, but since the trust point only needs one valid signature over the apex DNSKEY RRSet it's unclear this is needed. 

Hmm.. ok - here's a question.  Does the collection of algorithms in set of trust anchors define the algorithms with which the zone must be signed or is it the collection of algorithms in the apex DNSKEY RRSet that defines those algorithms and why?  The 5011 assumption is that it's the latter.


At 11:47 AM 3/13/2009, Edward Lewis wrote:
#2.4.3.  Minimum Trust Anchors per Trust Point
#
#   A compliant resolver MUST be able to manage at least five SEP keys
#   per trust point.
Does this mean that any delegation has to accommodate "at least five" DS records?

And, is this minimum per algorithm?  Like, 5 RSA-SHA1's and 5 DSA-NSEC3-SHA1's?


--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis            
NeuStar                    You can leave a voice message at +1-571-434-5468

Getting everything you want is easy if you don't want much.

--=====================_65365859==.ALT-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 11:30:04 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 68BEB28C0F7; Fri, 13 Mar 2009 11:30:04 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.789 X-Spam-Level: X-Spam-Status: No, score=-0.789 tagged_above=-999 required=5 tests=[AWL=-0.352, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rDbtZFcThRYD; Fri, 13 Mar 2009 11:30:03 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 66E1C3A684E; Fri, 13 Mar 2009 11:30:03 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiC68-000M3b-Fa for namedroppers-data0@psg.com; Fri, 13 Mar 2009 18:27:08 +0000 Received: from [76.96.62.64] (helo=QMTA07.westchester.pa.mail.comcast.net) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiC64-000M3C-3m for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 18:27:06 +0000 Received: from OMTA10.westchester.pa.mail.comcast.net ([76.96.62.28]) by QMTA07.westchester.pa.mail.comcast.net with comcast id ShLs1b0070cZkys57iT40t; Fri, 13 Mar 2009 18:27:04 +0000 Received: from MIKES-LAPTOM.comcast.net ([68.48.0.201]) by OMTA10.westchester.pa.mail.comcast.net with comcast id SiT41b0074LCBKY3WiT4H1; Fri, 13 Mar 2009 18:27:04 +0000 X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Fri, 13 Mar 2009 14:27:04 -0400 To: Michael Graff , Edward Lewis From: Michael StJohns Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Cc: "namedroppers@ops.ietf.org" , "ed.lewis@neustar.biz" In-Reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Message-Id: Hi Michael At 12:15 PM 3/13/2009, Michael Graff wrote: >I'm actually wondering the same thing but from a dlv point of view. I >am not certain 5011 is intending to be used at the ds or dlv level at >all, but only for otherwise hard-configured trust anchors? Since you have an ongoing relationship with the zone to which a DLV record points, I'd say it really doesn't apply to you. They should just provide the updated records or deletion thereof. >Adding this rollover to Isc's dlv will, at first glance, require some >changes. > >I find the more interesting question to be which dlv to publish when a >revoke is detected. It changes the key tag, so do we publish the old >dlv or a new one or both? > >My first take is old one for the hold down period then nothing for >that key. The old one (sans REVOKE bit) will be gone - its replaced in the DNSKEY RRSet with the one with the revoke bit. When your customer does this, they should send you an update with the new DNSKEY or DNSKEY RRSet (or at least the appropriate identifying information). Ideally, the DLV pointer will point to a non-revoked SEP key.... Mike >--Michael > > >On Mar 13, 2009, at 10:47, Edward Lewis wrote: > >>#2.4.3. Minimum Trust Anchors per Trust Point >># >># A compliant resolver MUST be able to manage at least five SEP keys >># per trust point. >>Does this mean that any delegation has to accommodate "at least >>five" DS records? >> >>And, is this minimum per algorithm? Like, 5 RSA-SHA1's and 5 DSA- NSEC3-SHA1's? >> >>-- >>-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =-=-=- >>Edward Lewis >>NeuStar You can leave a voice message at +1-571-434-5468 >> >>Getting everything you want is easy if you don't want much. > >-- >to unsubscribe send a message to namedroppers-request@ops.ietf.org with >the word 'unsubscribe' in a single line as the message text body. >archive: -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 11:48:39 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BAE3B3A6AA4; Fri, 13 Mar 2009 11:48:39 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 3.134 X-Spam-Level: *** X-Spam-Status: No, score=3.134 tagged_above=-999 required=5 tests=[AWL=-1.116, BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, FH_RELAY_NODNS=1.451, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9FOPxT6ZGoXE; Fri, 13 Mar 2009 11:48:39 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id D57563A65A5; Fri, 13 Mar 2009 11:48:38 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiCLs-000NFM-DG for namedroppers-data0@psg.com; Fri, 13 Mar 2009 18:43:24 +0000 Received: from [213.178.172.147] (helo=WOTAN.TR-Sys.de) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiCLn-000NEr-Aq for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 18:43:21 +0000 Received: from ZEUS.TR-Sys.de by w. with ESMTP ($Revision: 1.37.109.26 $/16.3) id AA292039676; Fri, 13 Mar 2009 19:41:16 +0100 Received: (from ah@localhost) by z.TR-Sys.de (8.9.3 (PHNE_25183)/8.7.3) id TAA15495; Fri, 13 Mar 2009 19:41:06 +0100 (MEZ) From: Alfred =?hp-roman8?B?SM5uZXM=?= Message-Id: <200903131841.TAA15495@TR-Sys.de> Subject: Re: [dnsext] IANA considerations in the RSA-SHA2 draft To: mstjohns@comcast.net Date: Fri, 13 Mar 2009 19:41:06 +0100 (MEZ) Cc: namedroppers@ops.ietf.org In-Reply-To: <200903131808.AA291627691@w.> from Michael StJohns at Mar "13," 2009 "02:10:02" pm X-Mailer: ELM [$Revision: 1.17.214.3 $] Mime-Version: 1.0 Content-Type: text/plain; charset=hp-roman8 Content-Transfer-Encoding: 8bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: At Fri, 13 Mar 2009 14:10:02 -0400 , Michael StJohns wrote: > At 02:15 PM 3/12/2009, Alfred HÎnes wrote: > >> Therefore, with respect to the title of the draft, I regard any >> statement on the applicability of the newly specified DNSSEC >> algorithms to TSIG as out-of-scope for this draft. >> Related considerations should be left to a future independent >> specification, which naturally could make a normative reference >> to this document, if desired. > > I think Ed was making a specific statement about the expected > response from IANA for the registry and I think he's correct. > Simply leaving the column empty (or in the case of the document, > omitting it) looks like it was just overlooked in the document. > > I'd suggest making an explicit entry in the table of "*" for the > transaction security column and have a related footnote (for the > table) that "*" means "There has been no determination of > standardization of the use of this algorithm with transaction > security" or something along those lines. This completes the > table AND provides an explanation for while the column isn't > Y or N which should make IANA happy. > > Mike. I agree. That's reasonable. My hope was that IANA might be able to go back to what they had done for RFC 4034, but holding the clerical pencil will be on the safe side. :-) I also agree with Edward Lewis that this work has priority now, but a cleanup/facelifting effort for the IANA registry should be undertaken as soon as cycles are available to do so. Alfred. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 11:53:33 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 86AD63A6932; Fri, 13 Mar 2009 11:53:33 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.78 X-Spam-Level: X-Spam-Status: No, score=-0.78 tagged_above=-999 required=5 tests=[AWL=-0.286, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fr03ZN-rLSBY; Fri, 13 Mar 2009 11:53:32 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 5FBEA3A65A5; Fri, 13 Mar 2009 11:53:32 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiCSF-000Naj-DD for namedroppers-data0@psg.com; Fri, 13 Mar 2009 18:49:59 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiCSA-000NaO-68 for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 18:49:57 +0000 Received: from [0.0.0.0] (mail.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n2DInjKA043494; Fri, 13 Mar 2009 14:49:46 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Fri, 13 Mar 2009 14:43:56 -0400 To: Michael StJohns From: Edward Lewis Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Cc: Edward Lewis , namedroppers@ops.ietf.org Content-Type: multipart/alternative; boundary="============_-975152310==_ma============" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --============_-975152310==_ma============ Content-Type: text/plain; charset="us-ascii" ; format="flowed" At 14:19 -0400 3/13/09, Michael StJohns wrote: Hmm.. ok - here's a question. Does the collection of algorithms in set of trust anchors define the algorithms with which the zone must be signed or is it the collection of algorithms in the apex DNSKEY RRSet that defines those algorithms and why? The 5011 assumption is that it's the latter. I recall writing that if an algorithm is used to sign one RRset in a zone, it signs all. Not a key, but an algorithm. The rationale stemmed from what was in a DS RRset. The DS RRset does not limit the keys used to sign the zone, but it is the way a resolver can determine if the zone is signed with an algorithm the resolver "knows." What's in the DS RRset is a subset of what's in the DNSKEY RRset (meaning there can be more keys in the DNSKEY and more algorithms in the DNSKEY set than the DNS set. My impression is that a trust anchor, be it a DS or DNSKEY, is a way to validate the first DS seen (going down a subtree with DNSSEC). Once there, any of the keys can be used to descend to the next link in the chain. Descending the chain does not have to be done in one algorithm. I can have a DS with key alg 5. I find in the DNSKEY set a corresponding key (to the hash in the DS) and a key of alg 7. I can use that key to validate the DS set of the next zone down, which may have alg 6 in there. And so on. To make this all more robust, we need to allow for a plethora of algorithms and require that just one path is needed - a "thread of trust?" -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Getting everything you want is easy if you don't want much. --============_-975152310==_ma============ Content-Type: text/html; charset="us-ascii" Re: [dnsext] question on RFC 5011, section 2.4.3
At 14:19 -0400 3/13/09, Michael StJohns wrote:

Hmm.. ok - here's a question.  Does the collection of algorithms in set of trust anchors define the algorithms with which the zone must be signed or is it the collection of algorithms in the apex DNSKEY RRSet that defines those algorithms and why?  The 5011 assumption is that it's the latter.

I recall writing that if an algorithm is used to sign one RRset in a zone, it signs all.  Not a key, but an algorithm.

The rationale stemmed from what was in a DS RRset.  The DS RRset does not limit the keys used to sign the zone, but it is the way a resolver can determine if the zone is signed with an algorithm the resolver "knows."  What's in the DS RRset is a subset of what's in the DNSKEY RRset (meaning there can be more keys in the DNSKEY and more algorithms in the DNSKEY set than the DNS set.

My impression is that a trust anchor, be it a DS or DNSKEY, is a way to validate the first DS seen (going down a subtree with DNSSEC).  Once there, any of the keys can be used to descend to the next link in the chain.

Descending the chain does not have to be done in one algorithm.

I can have a DS with key alg 5.  I find in the DNSKEY set a corresponding key (to the hash in the DS) and a key of alg 7.  I can use that key to validate the DS set of the next zone down, which may have alg 6 in there.  And so on.

To make this all more robust, we need to allow for a plethora of algorithms and require that just one path is needed - a "thread of trust?"

--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis             
NeuStar                    You can leave a voice message at +1-571-434-5468

Getting everything you want is easy if you don't want much.
--============_-975152310==_ma============-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 11:54:53 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7EBA53A6B2D; Fri, 13 Mar 2009 11:54:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.371 X-Spam-Level: X-Spam-Status: No, score=-1.371 tagged_above=-999 required=5 tests=[AWL=-0.877, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bzOtNVz1018L; Fri, 13 Mar 2009 11:54:52 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 59B733A65A5; Fri, 13 Mar 2009 11:54:52 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiCS1-000NZo-EI for namedroppers-data0@psg.com; Fri, 13 Mar 2009 18:49:45 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiCRw-000NZR-Ml for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 18:49:42 +0000 Received: from Puki.ogud.com (nyttbox.md.ogud.com [10.20.30.4]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n2DInXXp043489; Fri, 13 Mar 2009 14:49:33 -0400 (EDT) (envelope-from ogud@ogud.com) Message-Id: <200903131849.n2DInXXp043489@stora.ogud.com> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Fri, 13 Mar 2009 14:49:21 -0400 To: Edward Lewis , Evan Hunt From: Olafur Gudmundsson Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Cc: namedroppers@ops.ietf.org In-Reply-To: References: <20090313173711.GB96582@isc.org> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="=====================_97884570==.ALT" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --=====================_97884570==.ALT Content-Type: text/plain; charset="us-ascii"; format=flowed At 13:46 13/03/2009, Edward Lewis wrote: >At 17:37 +0000 3/13/09, Evan Hunt wrote: > >>In any case, unless I've overlooked something, I don't see why a delegation >>would ever need to support DS records for more than two keys at a time. > >...per algorithm? > >In either case, I'm uneasy trying to meet only the minimum >requirements here. For one, security makes things brittle, we don't >want to make things to tight. Also, we are only beginning to get >around to operational experience and that's a better way to >determine how things will work than what we have so far. Things are different depending on what role you are keeping trust anchors. For a zone it may need to have 1-3 per DNSKEY algorithm at the same time (current, next one, old one). For a delegation parent this is two different policy issues: How many DS records per DNSKEY algorithm can be listed at the same time How many DS digest algorithms are listed. For the first one the number can be as low as 1 or as high as the policy allows. The issue here is how many times does a child want to update a parent during a rollover? here are few ways to do it in actions K = DNSKEY S= RRSIG D= DS k = Old key K = New key (same for Sigs and DS) One DS ksd ==> kKsSd ==> kKsSD ==> KSD Two DS ksd ==> kKsd ==> kKsSdD ==> KSdD ==> KSD Registry needs to be able to support both IMHO. For trust anchor maintainers using TIMERS things are more difficult as the maintainer must keep track of old keys for a long time. 5 keys per algorithm is lower bound for that system Olafur --=====================_97884570==.ALT Content-Type: text/html; charset="us-ascii" At 13:46 13/03/2009, Edward Lewis wrote:
At 17:37 +0000 3/13/09, Evan Hunt wrote:

In any case, unless I've overlooked something, I don't see why a delegation
would ever need to support DS records for more than two keys at a time.

...per algorithm?

In either case, I'm uneasy trying to meet only the minimum requirements here.  For one, security makes things brittle, we don't want to make things to tight.  Also, we are only beginning to get around to operational experience and that's a better way to determine how things will work than what we have so far.


Things are different depending on what role you are keeping trust anchors.
For a zone it may need to have 1-3 per DNSKEY algorithm at the same time
(current, next one, old one).

For a delegation parent this is two different policy issues:
        How many DS records per DNSKEY algorithm can be listed at the same time
        How many DS digest algorithms are listed.
 
For the first one the number can be as low as 1 or as high as the policy allows.
The issue here is how many times does a child want to update a parent
during a rollover? 
here are few ways to do it in actions
K = DNSKEY S= RRSIG D= DS
k = Old key K = New key (same for Sigs and DS)
One DS
        ksd ==> kKsSd ==> kKsSD ==> KSD 
Two DS
        ksd ==> kKsd ==> kKsSdD ==> KSdD ==> KSD


Registry needs to be able to support both IMHO.


For trust anchor maintainers using TIMERS
things are more difficult as the maintainer must keep track of old keys
for a long time.
5 keys per algorithm is lower bound for that system

        Olafur
 --=====================_97884570==.ALT-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 12:08:06 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E68273A6B1F; Fri, 13 Mar 2009 12:08:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.91 X-Spam-Level: X-Spam-Status: No, score=-0.91 tagged_above=-999 required=5 tests=[AWL=-1.310, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_INFO=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uCitAoVq7rjg; Fri, 13 Mar 2009 12:08:06 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 28BE43A6A57; Fri, 13 Mar 2009 12:08:06 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiCgD-000OhA-I6 for namedroppers-data0@psg.com; Fri, 13 Mar 2009 19:04:25 +0000 Received: from [208.86.224.201] (helo=mail.yitter.info) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiCg9-000Ogd-05 for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 19:04:22 +0000 Received: from crankycanuck.ca (69-196-144-230.dsl.teksavvy.com [69.196.144.230]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.yitter.info (Postfix) with ESMTPSA id 9E5CE2FEA4F4 for ; Fri, 13 Mar 2009 19:04:17 +0000 (UTC) Date: Fri, 13 Mar 2009 15:04:15 -0400 From: Andrew Sullivan To: namedroppers@ops.ietf.org Subject: Re: [dnsext] IANA considerations in the RSA-SHA2 draft Message-ID: <20090313190415.GR27788@shinkuro.com> References: <200903121815.TAA13279@TR-Sys.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.18 (2008-05-17) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Fri, Mar 13, 2009 at 02:10:02PM -0400, Michael StJohns wrote: > I'd suggest making an explicit entry in the table of "*" for the > transaction security column and have a related footnote (for the > table) that "*" means "There has been no determination of > standardization of the use of this algorithm with transaction > security" or something along those lines. I like this idea, and the document editor says he does too. So we'll plan to add it. If you have additional comments, everyone, now would be a good time to get them in. We're going to try to wrap up this document for publication request soon. Best, A (as document shepherd). -- Andrew Sullivan ajs@shinkuro.com Shinkuro, Inc. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 12:16:16 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A992F3A6A57; Fri, 13 Mar 2009 12:16:16 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.77 X-Spam-Level: X-Spam-Status: No, score=-0.77 tagged_above=-999 required=5 tests=[AWL=-0.275, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ffT-XxfqBZgy; Fri, 13 Mar 2009 12:16:16 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id CD11F3A68CC; Fri, 13 Mar 2009 12:16:15 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiClZ-000P1i-BI for namedroppers-data0@psg.com; Fri, 13 Mar 2009 19:09:57 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiClU-000P1N-Fo for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 19:09:55 +0000 Received: from [0.0.0.0] (mail.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n2DJ9hIQ043753; Fri, 13 Mar 2009 15:09:43 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: <200903131849.n2DInXXp043489@stora.ogud.com> References: <20090313173711.GB96582@isc.org> <200903131849.n2DInXXp043489@stora.ogud.com> Date: Fri, 13 Mar 2009 15:03:00 -0400 To: Olafur Gudmundsson From: Edward Lewis Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Cc: Edward Lewis , Evan Hunt , namedroppers@ops.ietf.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: At 14:49 -0400 3/13/09, Olafur Gudmundsson wrote: >5 keys per algorithm is lower bound for that system The question is - why 5? (Like, where did that number come from?) And do they need to be current? -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Getting everything you want is easy if you don't want much. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 13:42:21 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 58C9F3A6B20; Fri, 13 Mar 2009 13:42:21 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.759 X-Spam-Level: X-Spam-Status: No, score=-0.759 tagged_above=-999 required=5 tests=[AWL=-0.323, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, HTML_MESSAGE=0.001, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kqK7qhx2jNa5; Fri, 13 Mar 2009 13:42:20 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 201143A6AED; Fri, 13 Mar 2009 13:42:20 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiE7I-0003sj-2S for namedroppers-data0@psg.com; Fri, 13 Mar 2009 20:36:28 +0000 Received: from [76.96.62.16] (helo=QMTA01.westchester.pa.mail.comcast.net) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiE7D-0003sQ-5N for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 20:36:25 +0000 Received: from OMTA02.westchester.pa.mail.comcast.net ([76.96.62.19]) by QMTA01.westchester.pa.mail.comcast.net with comcast id Sdj71b0520QuhwU51kcPUe; Fri, 13 Mar 2009 20:36:23 +0000 Received: from MIKES-LAPTOM.comcast.net ([68.48.0.201]) by OMTA02.westchester.pa.mail.comcast.net with comcast id SkcM1b00d4LCBKY3NkcNRb; Fri, 13 Mar 2009 20:36:23 +0000 X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Fri, 13 Mar 2009 16:36:20 -0400 To: Edward Lewis From: Michael StJohns Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Cc: Edward Lewis ,namedroppers@ops.ietf.org In-Reply-To: References: Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="=====================_73561437==.ALT" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Message-Id: --=====================_73561437==.ALT Content-Type: text/plain; charset="us-ascii" I don't think that exactly answers my question but that's OK.. I think the answer to my question is that the trust anchor can point to any key which signs the apex DNSKEY; that the trust anchor set need not include all keys which sign the apex (but 5011 may pick them up over time if they are SEP keys), that the set of algorithms that must sign the zone is determined by the set of keys that sign the apex DNSKEY RRSet whether they are SEP keys or not. At 02:43 PM 3/13/2009, Edward Lewis wrote: >At 14:19 -0400 3/13/09, Michael StJohns wrote: > >Hmm.. ok - here's a question. Does the collection of algorithms in set of trust anchors define the algorithms with which the zone must be signed or is it the collection of algorithms in the apex DNSKEY RRSet that defines those algorithms and why? The 5011 assumption is that it's the latter. > >I recall writing that if an algorithm is used to sign one RRset in a zone, it signs all. Not a key, but an algorithm. > >The rationale stemmed from what was in a DS RRset. The DS RRset does not limit the keys used to sign the zone, but it is the way a resolver can determine if the zone is signed with an algorithm the resolver "knows." What's in the DS RRset is a subset of what's in the DNSKEY RRset (meaning there can be more keys in the DNSKEY and more algorithms in the DNSKEY set than the DNS set. > >My impression is that a trust anchor, be it a DS or DNSKEY, is a way to validate the first DS seen (going down a subtree with DNSSEC). Once there, any of the keys can be used to descend to the next link in the chain. > >Descending the chain does not have to be done in one algorithm. > >I can have a DS with key alg 5. I find in the DNSKEY set a corresponding key (to the hash in the DS) and a key of alg 7. I can use that key to validate the DS set of the next zone down, which may have alg 6 in there. And so on. > >To make this all more robust, we need to allow for a plethora of algorithms and require that just one path is needed - a "thread of trust?" > > >-- >-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >Edward Lewis >NeuStar You can leave a voice message at +1-571-434-5468 > >Getting everything you want is easy if you don't want much. --=====================_73561437==.ALT Content-Type: text/html; charset="us-ascii" I don't think that exactly answers my question but that's OK..

I think the answer to my question is that the trust anchor can point to any key which signs the apex DNSKEY; that the trust anchor set need not include all keys which sign the apex (but 5011 may pick them up over time if they are SEP keys), that the set of algorithms that must sign the zone is determined by the set of keys that sign the apex DNSKEY RRSet whether they are SEP keys or not.


At 02:43 PM 3/13/2009, Edward Lewis wrote:
At 14:19 -0400 3/13/09, Michael StJohns wrote:

Hmm.. ok - here's a question.  Does the collection of algorithms in set of trust anchors define the algorithms with which the zone must be signed or is it the collection of algorithms in the apex DNSKEY RRSet that defines those algorithms and why?  The 5011 assumption is that it's the latter.

I recall writing that if an algorithm is used to sign one RRset in a zone, it signs all.  Not a key, but an algorithm.

The rationale stemmed from what was in a DS RRset.  The DS RRset does not limit the keys used to sign the zone, but it is the way a resolver can determine if the zone is signed with an algorithm the resolver "knows."  What's in the DS RRset is a subset of what's in the DNSKEY RRset (meaning there can be more keys in the DNSKEY and more algorithms in the DNSKEY set than the DNS set.

My impression is that a trust anchor, be it a DS or DNSKEY, is a way to validate the first DS seen (going down a subtree with DNSSEC).  Once there, any of the keys can be used to descend to the next link in the chain.

Descending the chain does not have to be done in one algorithm.

I can have a DS with key alg 5.  I find in the DNSKEY set a corresponding key (to the hash in the DS) and a key of alg 7.  I can use that key to validate the DS set of the next zone down, which may have alg 6 in there.  And so on.

To make this all more robust, we need to allow for a plethora of algorithms and require that just one path is needed - a "thread of trust?"


--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis            
NeuStar                    You can leave a voice message at +1-571-434-5468

Getting everything you want is easy if you don't want much.

--=====================_73561437==.ALT-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 14:06:12 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5BAB03A6830; Fri, 13 Mar 2009 14:06:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.76 X-Spam-Level: X-Spam-Status: No, score=-0.76 tagged_above=-999 required=5 tests=[AWL=-0.265, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ojc+Y3ibwlsK; Fri, 13 Mar 2009 14:06:11 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 91CA23A680A; Fri, 13 Mar 2009 14:06:11 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiEUz-0005A7-JU for namedroppers-data0@psg.com; Fri, 13 Mar 2009 21:00:57 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiEUu-00059d-V5 for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 21:00:55 +0000 Received: from [0.0.0.0] (ns.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n2DL0if3044763; Fri, 13 Mar 2009 17:00:45 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Fri, 13 Mar 2009 16:57:47 -0400 To: Michael StJohns From: Edward Lewis Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Cc: Edward Lewis , namedroppers@ops.ietf.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: At 16:36 -0400 3/13/09, Michael StJohns wrote: >I don't think that exactly answers my question but that's OK.. > >I think the answer to my question is that the trust anchor can point to any >key which signs the apex DNSKEY; that the trust anchor set need not include >all keys which sign the apex (but 5011 may pick them up over time if they are >SEP keys), that the set of algorithms that must sign the zone is determined by >the set of keys that sign the apex DNSKEY RRSet whether they are SEP keys or >not. Ack. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Getting everything you want is easy if you don't want much. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 15:03:53 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2EAC728C189; Fri, 13 Mar 2009 15:03:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.636 X-Spam-Level: X-Spam-Status: No, score=-2.636 tagged_above=-999 required=5 tests=[AWL=-0.037, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UAaCayHH3es0; Fri, 13 Mar 2009 15:03:52 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 4001828C188; Fri, 13 Mar 2009 15:03:52 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiFMQ-0008Co-H0 for namedroppers-data0@psg.com; Fri, 13 Mar 2009 21:56:10 +0000 Received: from [2001:470:1f04:392::2] (helo=balder-227.proper.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiFMK-0008CQ-S4 for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 21:56:07 +0000 Received: from [10.20.30.158] (dsl-63-249-108-169.static.cruzio.com [63.249.108.169]) (authenticated bits=0) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n2DLu0IQ087318 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 13 Mar 2009 14:56:01 -0700 (MST) (envelope-from paul.hoffman@vpnc.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Fri, 13 Mar 2009 14:55:59 -0700 To: Michael StJohns , Edward Lewis From: Paul Hoffman Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Cc: Edward Lewis , namedroppers@ops.ietf.org Content-Type: text/plain; charset="us-ascii" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: At 4:36 PM -0400 3/13/09, Michael StJohns wrote: >I think the answer to my question is that the trust anchor can point to any key which signs the apex DNSKEY; that the trust anchor set need not include all keys which sign the apex (but 5011 may pick them up over time if they are SEP keys), Yes, but.... >that the set of algorithms that must sign the zone is determined by the set of keys that sign the apex DNSKEY RRSet whether they are SEP keys or not. I don't get this. Trust anchors are keys; they don't have algorithms inherently attached. An RSA key, for example, can be used in "RSA-with-SHA1" or "RSA-with-SHA256" or (later) "RSA-with-SHA3-256" and so on. To me, "the algorithms that must sign the zone" doesn't make sense; "the keys that must sign the zone" does. Regardless of where we end up with this, the result of this thread should go in an 5011bis document or possibly in draft-ietf-dnsop-dnssec-trust-anchor. There is a lack of clarity here. --Paul Hoffman, Director --VPN Consortium -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 15:21:45 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 89B5528C1F8; Fri, 13 Mar 2009 15:21:45 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.435 X-Spam-Level: X-Spam-Status: No, score=-0.435 tagged_above=-999 required=5 tests=[AWL=-0.598, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, J_CHICKENPOX_33=0.6, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dYIV0EwiGZLT; Fri, 13 Mar 2009 15:21:44 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 9C06728C1EE; Fri, 13 Mar 2009 15:21:44 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiFhO-0009Hh-8G for namedroppers-data0@psg.com; Fri, 13 Mar 2009 22:17:50 +0000 Received: from [76.96.62.24] (helo=QMTA02.westchester.pa.mail.comcast.net) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiFhI-0009HL-Sz for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 22:17:47 +0000 Received: from OMTA13.westchester.pa.mail.comcast.net ([76.96.62.52]) by QMTA02.westchester.pa.mail.comcast.net with comcast id Sjcm1b02L17dt5G52mHl2Y; Fri, 13 Mar 2009 22:17:45 +0000 Received: from MIKES-LAPTOM.comcast.net ([68.48.0.201]) by OMTA13.westchester.pa.mail.comcast.net with comcast id SmHk1b00L4LCBKY3ZmHkMw; Fri, 13 Mar 2009 22:17:45 +0000 X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Fri, 13 Mar 2009 18:17:43 -0400 To: Paul Hoffman ,Edward Lewis From: Michael StJohns Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Cc: Edward Lewis ,namedroppers@ops.ietf.org In-Reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Message-Id: Hi Paul - Trust anchors have two purposes in DNSSEC: they provide trusted public keys, but they also set the "this subtree must be signed" bit in the resolver that has them configured. One of the anti-downgrade "policies" which is somewhere in the pile of accepted wisdom for DNSSEC says that a "zone" must be signed (e.g. all the RRSets in the zone must be signed) with at least one key per each key algorithm present in the apex DNSKEY rrset. E.g. if the apex RRSet has 5 SHA1RSA keys, it only needs to be signed once, but if the apex set has 2 SHA1RSA keys, an SHA256RSA key and 4 ECP256SHA256 (as yet undefined) keys, each RRSet would need at least 3 signatures. Shorthand for that in discussions has always been "signed by the algorithm". Trust anchors are pretty much undefined with respect to how they're stored. They consist - for DNSSEC - of a pointer to a DNSKEY of some sort (name, key tag, hash, fingerprint, etc). Given that 5011 trust anchors are derived from DNSKEYs its possible to capture the key type (which is actually the signature algorithm). Hence my aside about whether or not the trust anchor sets the expected set algorithms - answer is no. Later, Mike At 05:55 PM 3/13/2009, Paul Hoffman wrote: >At 4:36 PM -0400 3/13/09, Michael StJohns wrote: >>I think the answer to my question is that the trust anchor can point to any key which signs the apex DNSKEY; that the trust anchor set need not include all keys which sign the apex (but 5011 may pick them up over time if they are SEP keys), > >Yes, but.... > >>that the set of algorithms that must sign the zone is determined by the set of keys that sign the apex DNSKEY RRSet whether they are SEP keys or not. > >I don't get this. Trust anchors are keys; they don't have algorithms inherently attached. An RSA key, for example, can be used in "RSA-with-SHA1" or "RSA-with-SHA256" or (later) "RSA-with-SHA3-256" and so on. To me, "the algorithms that must sign the zone" doesn't make sense; "the keys that must sign the zone" does. > >Regardless of where we end up with this, the result of this thread should go in an 5011bis document or possibly in draft-ietf-dnsop-dnssec-trust-anchor. There is a lack of clarity here. > >--Paul Hoffman, Director >--VPN Consortium -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 15:36:09 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 76A1C3A6AF1; Fri, 13 Mar 2009 15:36:09 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.495 X-Spam-Level: X-Spam-Status: No, score=-0.495 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5gC3eFesh8a4; Fri, 13 Mar 2009 15:36:08 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 950553A6967; Fri, 13 Mar 2009 15:36:08 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiFvX-000AFI-Ga for namedroppers-data0@psg.com; Fri, 13 Mar 2009 22:32:27 +0000 Received: from [66.102.165.7] (helo=atlmtaow02.cingularme.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiFvR-000AEv-Lt for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 22:32:24 +0000 Received: from [10.148.42.117] (really [32.169.58.178]) by atlmtaow02.cingularme.com (InterMail vM.6.01.04.00 201-2131-118-20041027) with ESMTP id <20090313223216.NVNY8412.atlmtaow02.cingularme.com@[10.148.42.117]>; Fri, 13 Mar 2009 18:32:16 -0400 References: Message-Id: From: Michael Graff To: Paul Hoffman In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit X-Mailer: iPhone Mail (5H11) Mime-Version: 1.0 (iPhone Mail 5H11) Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Date: Fri, 13 Mar 2009 17:32:08 -0500 Cc: Michael StJohns , Edward Lewis , Edward Lewis , "namedroppers@ops.ietf.org" X-Cloudmark-Analysis: v=1.0 c=1 a=k3af7F-rB54A:10 a=s9w5D3q5qWsA:10 a=3ZCZq2vJQSNy7PykGEXUPA==:17 a=48vgC7mUAAAA:8 a=ICi2yHZ3MLQuwEk8u-UA:9 a=0FFtd5s-ITyRXmdKFIkA:7 a=eVVoadQ4zfsNrZ2jKVMlLFmc_OEA:4 a=3tVY_Mm33XkA:10 a=gi0PWCVxevcA:10 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: I don't see a lack of any clarity. A key has a key type and even though the keying material could be used for more than one key type, the type is an integral part if what makes THIS trust anchor bind to THAT dnskey. --Michael On Mar 13, 2009, at 16:55, Paul Hoffman wrote: > At 4:36 PM -0400 3/13/09, Michael StJohns wrote: >> I think the answer to my question is that the trust anchor can >> point to any key which signs the apex DNSKEY; that the trust anchor >> set need not include all keys which sign the apex (but 5011 may >> pick them up over time if they are SEP keys), > > Yes, but.... > >> that the set of algorithms that must sign the zone is determined by >> the set of keys that sign the apex DNSKEY RRSet whether they are >> SEP keys or not. > > I don't get this. Trust anchors are keys; they don't have algorithms > inherently attached. An RSA key, for example, can be used in "RSA- > with-SHA1" or "RSA-with-SHA256" or (later) "RSA-with-SHA3-256" and > so on. To me, "the algorithms that must sign the zone" doesn't make > sense; "the keys that must sign the zone" does. > > Regardless of where we end up with this, the result of this thread > should go in an 5011bis document or possibly in draft-ietf-dnsop- > dnssec-trust-anchor. There is a lack of clarity here. > > --Paul Hoffman, Director > --VPN Consortium > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org > with > the word 'unsubscribe' in a single line as the message text body. > archive: -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From joopdefluiter@wanadoo.nl Fri Mar 13 15:48:59 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B07F928C207; Fri, 13 Mar 2009 15:48:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -29.738 X-Spam-Level: X-Spam-Status: No, score=-29.738 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, J_CHICKENPOX_44=0.6, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qblc-BLlADaM; Fri, 13 Mar 2009 15:48:59 -0700 (PDT) Received: from host81-152-161-173.range81-152.btcentralplus.com (host81-152-161-173.range81-152.btcentralplus.com [81.152.161.173]) by core3.amsl.com (Postfix) with SMTP id 6FACD28C204; Fri, 13 Mar 2009 15:48:50 -0700 (PDT) To: "Jana Duran" Date: Fri, 13 Mar 2009 18:49:29 -0500 Subject: Why rep watches are better Message-ID: From: "Cory Pham" Content-Type: text/plain; Content-Transfer-Encoding: 7Bit A fine designer watch says means refinement and money. A fine, non-expensive designer watch also means intelligence! http://www.kayaxevin.cn Visit Exqu1site Reps today and get a terrific designer watch imitation for a uniquely low price. Our watches are the most sought-after in the market, offering you the best performance and unsurpassed quality while allowing you to choose from hundreds of models within dozens of brands! http://www.kayaxevin.cn So, what are you waiting for? Get that unique timepiece today at Exqu1site Reps! From owner-namedroppers@ops.ietf.org Fri Mar 13 16:41:55 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C50BA28C198; Fri, 13 Mar 2009 16:41:55 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.335 X-Spam-Level: X-Spam-Status: No, score=-2.335 tagged_above=-999 required=5 tests=[AWL=-0.336, BAYES_00=-2.599, J_CHICKENPOX_33=0.6] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mKpGZaoL-A79; Fri, 13 Mar 2009 16:41:55 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id DB5A228C124; Fri, 13 Mar 2009 16:41:54 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiGvB-000DIQ-4k for namedroppers-data0@psg.com; Fri, 13 Mar 2009 23:36:09 +0000 Received: from [2001:470:1f04:392::2] (helo=balder-227.proper.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiGv5-000DHt-61 for namedroppers@ops.ietf.org; Fri, 13 Mar 2009 23:36:05 +0000 Received: from [10.20.30.158] (dsl-63-249-108-169.static.cruzio.com [63.249.108.169]) (authenticated bits=0) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n2DNZtB2091399 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 13 Mar 2009 16:35:56 -0700 (MST) (envelope-from paul.hoffman@vpnc.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Fri, 13 Mar 2009 16:35:53 -0700 To: Michael StJohns , Edward Lewis , Michael Graff From: Paul Hoffman Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Cc: namedroppers@ops.ietf.org Content-Type: text/plain; charset="us-ascii" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: At 6:17 PM -0400 3/13/09, Michael StJohns wrote: >Trust anchors have two purposes in DNSSEC: they provide trusted public keys, but they also set the "this subtree must be signed" bit in the resolver that has them configured. Sure. >One of the anti-downgrade "policies" which is somewhere in the pile of accepted wisdom for DNSSEC says That does not sound like a good way to run the system we claim will help secure the DNS. > that a "zone" must be signed (e.g. all the RRSets in the zone must be signed) with at least one key per each key algorithm present in the apex DNSKEY rrset. E.g. if the apex RRSet has 5 SHA1RSA keys, it only needs to be signed once, but if the apex set has 2 SHA1RSA keys, an SHA256RSA key and 4 ECP256SHA256 (as yet undefined) keys, each RRSet would need at least 3 signatures. Shorthand for that in discussions has always been "signed by the algorithm". I would want to see that written down someplace. It seems like a bad design. >Trust anchors are pretty much undefined with respect to how they're stored. They consist - for DNSSEC - of a pointer to a DNSKEY of some sort (name, key tag, hash, fingerprint, etc). Given that 5011 trust anchors are derived from DNSKEYs its possible to capture the key type (which is actually the signature algorithm). Hence my aside about whether or not the trust anchor sets the expected set algorithms - answer is no. Good, but... At 5:32 PM -0500 3/13/09, Michael Graff wrote: >I don't see a lack of any clarity. A key has a key type and even though the keying material could be used for more than one key type, the type is an integral part if what makes THIS trust anchor bind to THAT dnskey. If you two disagree, and it is not written down, there is a lack of clarity. --Paul Hoffman, Director --VPN Consortium -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 17:55:02 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9A68A3A693F; Fri, 13 Mar 2009 17:55:02 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.6 X-Spam-Level: X-Spam-Status: No, score=-102.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7NxtLYaN0UTF; Fri, 13 Mar 2009 17:55:01 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 918AE3A69CD; Fri, 13 Mar 2009 17:55:01 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiI4M-000HVF-A3 for namedroppers-data0@psg.com; Sat, 14 Mar 2009 00:49:42 +0000 Received: from [2001:4f8:0:2::1c] (helo=mx.isc.org) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiI4G-000HUp-BZ for namedroppers@ops.ietf.org; Sat, 14 Mar 2009 00:49:38 +0000 Received: from farside.isc.org (farside.isc.org [IPv6:2001:4f8:3:bb::5]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "farside.isc.org", Issuer "ISC CA" (verified OK)) by mx.isc.org (Postfix) with ESMTPS id B5A80114049 for ; Sat, 14 Mar 2009 00:49:33 +0000 (UTC) (envelope-from Paul_Selkirk@isc.org) Received: by farside.isc.org (Postfix, from userid 10300) id 5AA3FE6079; Sat, 14 Mar 2009 00:49:33 +0000 (UTC) From: Paul Selkirk To: namedroppers@ops.ietf.org In-reply-to: <20090313163932.GB19556@apb-laptoy.apb.alt.za> (message from Alan Barrett on Fri, 13 Mar 2009 18:39:32 +0200) Subject: Re: [dnsext] WGLC: DNS Proxy Implementation Guidelines References: <200903122231.n2CMVjXB033807@stora.ogud.com> <20090312232511.81F82E6074@farside.isc.org> <20090313163932.GB19556@apb-laptoy.apb.alt.za> Message-Id: <20090314004933.5AA3FE6079@farside.isc.org> Date: Sat, 14 Mar 2009 00:49:33 +0000 (UTC) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Alan Barrett said: > "end user" here means "the administrator of the gateway device", not > "the user of some other device that is a dhcp client of the gateway". > > Perhaps this and other uses of the term "end user" should be > edited for clarity. Okay, that makes more sense. When I hear "end-user", I think of the guy with the laptop, not the gateway admin. I suppose the local gateway admin is the "end-user" from the perspective of the gateway equipment vendor. In the following sections, "end-user" appears to refer to the user of a device attached to the gateway (the guy with the laptop): section 3, line 182: Except when required to enforce an active security or network policy (such as maintaining a pre-authentication "walled garden"), end-users SHOULD be able to send their DNS queries to specified upstream resolvers, thereby bypassing the proxy altogether. In this case, the gateway SHOULD NOT modify the DNS request or response packets in any way. section 5.1, line 413: As per Section 3, end-users SHOULD be able to send their DNS queries directly to specified upstream resolvers, ideally without hard-coding those settings in their stub resolver. section 5.3, line 439: In general this behaviour is highly desirable, but the effect for the end-user is that the settings used depend on whether the DHCP lease was obtained before or after the WAN link was established. Suggest changing other occurrences of "end-user" to something like "local gateway admin". Ray Bellis said: > > 5.2. Domain Name (DHCP Option 15) > > Since no standard exists for a "local" scoped domain name suffix it > > is RECOMMENDED that the default value for this option SHOULD be > > empty, and that this option SHOULD NOT be sent to clients when no > > value is configured. > > > > I'm not sure what you're suggesting here. Don't misconfigure this > > option? > > In particular, it means don't put in something like '.vendor'. Which would be misconfiguring the option. It seems sad that we'd have to tell people that the value of the Domain Name Option has to be a valid Domain Name, but that's humans for you. Notwithstanding the ability of local gateway admins to manually bollux their own configs, I wholeheartedly agree that equipment vendors shouldn't be shipping pre-bolluxed gateways. I would only change the SHOULD NOT to a MUST NOT: "this option MUST NOT be sent to clients when no value is configured". paul -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 18:25:02 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8CCEC3A69F0; Fri, 13 Mar 2009 18:25:02 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.674 X-Spam-Level: X-Spam-Status: No, score=-3.674 tagged_above=-999 required=5 tests=[AWL=-0.974, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, J_CHICKENPOX_33=0.6, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TIGPjwB9kvhg; Fri, 13 Mar 2009 18:25:01 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 8A6EB3A6981; Fri, 13 Mar 2009 18:25:01 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiIVV-000J0Z-LH for namedroppers-data0@psg.com; Sat, 14 Mar 2009 01:17:45 +0000 Received: from [131.111.8.131] (helo=ppsw-1.csi.cam.ac.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiIVQ-000J0J-SV for namedroppers@ops.ietf.org; Sat, 14 Mar 2009 01:17:43 +0000 X-Cam-AntiVirus: no malware found X-Cam-SpamDetails: not scanned X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/ Received: from hermes-2.csi.cam.ac.uk ([131.111.8.54]:35367) by ppsw-1.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.151]:25) with esmtpa (EXTERNAL:cet1) id 1LiIVP-0006HF-5R (Exim 4.70) (return-path ); Sat, 14 Mar 2009 01:17:39 +0000 Received: from prayer by hermes-2.csi.cam.ac.uk (hermes.cam.ac.uk) with local (PRAYER:cet1) id 1LiIVP-0005Z9-Lq (Exim 4.67) (return-path ); Sat, 14 Mar 2009 01:17:39 +0000 Received: from [131.111.11.47] by webmail.hermes.cam.ac.uk with HTTP (Prayer-1.3.1); 14 Mar 2009 01:17:39 +0000 Date: 14 Mar 2009 01:17:39 +0000 From: Chris Thompson To: Paul Hoffman Cc: namedroppers@ops.ietf.org Reply-To: cet1@cam.ac.uk Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Message-ID: In-Reply-To: References: X-Mailer: Prayer v1.3.1 Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset=ISO-8859-1 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Mar 13 2009, Paul Hoffman wrote: >At 6:17 PM -0400 3/13/09, Michael StJohns wrote: [...] >>One of the anti-downgrade "policies" which is somewhere in the pile of >>accepted wisdom for DNSSEC says > >That does not sound like a good way to run the system we claim will help >secure the DNS. > >> that a "zone" must be signed (e.g. all the RRSets in the zone must be >>signed) with at least one key per each key algorithm present in the apex >>DNSKEY rrset. E.g. if the apex RRSet has 5 SHA1RSA keys, it only needs >>to be signed once, but if the apex set has 2 SHA1RSA keys, an SHA256RSA >>key and 4 ECP256SHA256 (as yet undefined) keys, each RRSet would need at >>least 3 signatures. Shorthand for that in discussions has always been >>"signed by the algorithm". > >I would want to see that written down someplace. It seems like a bad design. RFC 4035, end of section 2.2: There MUST be an RRSIG for each RRset using at least one DNSKEY of each algorithm in the zone apex DNSKEY RRset. The apex DNSKEY RRset itself MUST be signed by each algorithm appearing in the DS RRset located at the delegating parent (if any). I don't see why Michael had to call it "accepted wisdom", when it is in fact "published wisdom"! -- Chris Thompson Email: cet1@cam.ac.uk -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Fri Mar 13 19:33:15 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0BE103A6A5F; Fri, 13 Mar 2009 19:33:15 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.629 X-Spam-Level: X-Spam-Status: No, score=-2.629 tagged_above=-999 required=5 tests=[AWL=-0.030, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vSxFAWf9xC6K; Fri, 13 Mar 2009 19:33:14 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 314533A69EB; Fri, 13 Mar 2009 19:33:14 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiJbE-000M41-Ck for namedroppers-data0@psg.com; Sat, 14 Mar 2009 02:27:44 +0000 Received: from [2001:470:1f04:392::2] (helo=balder-227.proper.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiJb8-000M3f-EB for namedroppers@ops.ietf.org; Sat, 14 Mar 2009 02:27:40 +0000 Received: from [10.20.30.158] (dsl-63-249-108-169.static.cruzio.com [63.249.108.169]) (authenticated bits=0) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n2E2RULj098235 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 13 Mar 2009 19:27:31 -0700 (MST) (envelope-from paul.hoffman@vpnc.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Fri, 13 Mar 2009 19:27:29 -0700 To: cet1@cam.ac.uk From: Paul Hoffman Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Cc: namedroppers@ops.ietf.org Content-Type: text/plain; charset="us-ascii" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: At 1:17 AM +0000 3/14/09, Chris Thompson wrote: >RFC 4035, end of section 2.2: > > There MUST be an RRSIG for each RRset using at least one DNSKEY of > each algorithm in the zone apex DNSKEY RRset. The apex DNSKEY RRset > itself MUST be signed by each algorithm appearing in the DS RRset > located at the delegating parent (if any). > >I don't see why Michael had to call it "accepted wisdom", when it is >in fact "published wisdom"! Well, there you go. So, what on earth is the reason for those requirements? They are counter to the idea of a trust anchor; they aren't needed for preventing bid-down attacks. Clues would be appreciated. --Paul Hoffman, Director --VPN Consortium -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From bobbyallen1984@yahoo.co.uk Sat Mar 14 08:40:56 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8D8743A6AC5; Sat, 14 Mar 2009 08:40:56 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -47.37 X-Spam-Level: X-Spam-Status: No, score=-47.37 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HOST_EQ_STATIC=1.172, INVALID_MSGID=1.9, MSGID_SHORT=1.078, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, TVD_RCVD_IP=1.931, URIBL_JP_SURBL=10, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zpzo60IRSj9U; Sat, 14 Mar 2009 08:40:55 -0700 (PDT) Received: from 78-61-194-64.static.zebra.lt (78-61-194-64.static.zebra.lt [78.61.194.64]) by core3.amsl.com (Postfix) with SMTP id C66DE3A6801; Sat, 14 Mar 2009 08:40:45 -0700 (PDT) X-Originating-IP: 90.15.240.160 by smtp.78.61.194.64; Sat, 14 Mar 2009 09:34:24 -0700 Message-ID: <861bf14173OXH> Date: Sat, 14 Mar 2009 11:41:24 -0500 From: "Josh Carney" To: "Josh Carney" Subject: Watches for him, her and you Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Josh I had never seen such beautiful and greatly-performing watches like the ones I found online at http://www.ioqjzupe.cn Take advantage of our winter specials and get yourself Omega watch that you've always wanted! http://www.ioqjzupe.cn Our Omega have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Carney From agnessscaldy@yahoo.co.uk Sat Mar 14 10:25:27 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8A3843A6B37; Sat, 14 Mar 2009 10:25:27 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -37.566 X-Spam-Level: X-Spam-Status: No, score=-37.566 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FB_ADD_INCHES=2.131, FB_PENIS=1.66, FRT_PENIS1=3.592, INVALID_MSGID=1.9, J_CHICKENPOX_31=0.6, MANGLED_PENIS=2.3, MSGID_SHORT=1.078, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, SARE_ADLTOBFU=0.68, URIBL_BLACK=20, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KxxbphgdeBgY; Sat, 14 Mar 2009 10:25:22 -0700 (PDT) Received: from bnet16.zd.x3d.carnet.hr (bnet16.zd.x3d.carnet.hr [193.198.182.16]) by core3.amsl.com (Postfix) with SMTP id 671D93A686A; Sat, 14 Mar 2009 10:25:11 -0700 (PDT) X-Originating-IP: 221.76.36.8 by smtp.193.198.182.16; Sat, 14 Mar 2009 15:24:48 -0300 Message-ID: <199cs693FCHD> Date: Sat, 14 Mar 2009 10:25:48 -0800 From: "Ervin Clifford" To: "Ervin Clifford" Subject: Size DOES matter Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Ervin, Do you think your pen1s is too small? Now you can help yourself! We have incredible solution which will help you gain inches and make erections stronger in matter of weeks! http://www.lowacinis.cn From owner-namedroppers@ops.ietf.org Sat Mar 14 12:39:30 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 44EAA28B56A; Sat, 14 Mar 2009 12:39:30 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.45 X-Spam-Level: X-Spam-Status: No, score=-0.45 tagged_above=-999 required=5 tests=[AWL=-0.556, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, J_CHICKENPOX_33=0.6, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eOwE3d2B1rEy; Sat, 14 Mar 2009 12:39:29 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id D66703A69ED; Sat, 14 Mar 2009 12:39:28 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiZZ8-000LxY-0t for namedroppers-data0@psg.com; Sat, 14 Mar 2009 19:30:38 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LiZZ2-000LxE-HT for namedroppers@ops.ietf.org; Sat, 14 Mar 2009 19:30:35 +0000 Received: from [192.168.1.102] (mail.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n2EJUB2c054270; Sat, 14 Mar 2009 15:30:12 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Sat, 14 Mar 2009 15:29:55 -0400 To: Paul Hoffman From: Edward Lewis Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Cc: Michael StJohns , Edward Lewis , Michael Graff , namedroppers@ops.ietf.org Content-Type: multipart/alternative; boundary="============_-975063478==_ma============" X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --============_-975063478==_ma============ Content-Type: text/plain; charset="us-ascii" ; format="flowed" At 16:35 -0700 3/13/09, Paul Hoffman wrote: >Someone else (MSJ?) wrote: >>that a "zone" must be signed (e.g. all the RRSets in the zone must be >>signed) with at least one key per each key algorithm present in the apex >>DNSKEY rrset. E.g. if the apex RRSet has 5 SHA1RSA keys, it only needs to >>be signed once, but if the apex set has 2 SHA1RSA keys, an SHA256RSA key >>and 4 ECP256SHA256 (as yet undefined) keys, each RRSet would need at least >>3 signatures. Shorthand for that in discussions has always been "signed >>by the algorithm". > >I would want to see that written down someplace. It seems like a bad design. RFC 4035, end of section 2.2: # There MUST be an RRSIG for each RRset using at least one DNSKEY of # each algorithm in the zone apex DNSKEY RRset. The apex DNSKEY RRset # itself MUST be signed by each algorithm appearing in the DS RRset # located at the delegating parent (if any). "Algorithm" is as defined on this page: http://iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Getting everything you want is easy if you don't want much. --============_-975063478==_ma============ Content-Type: text/html; charset="us-ascii" Re: [dnsext] question on RFC 5011, section 2.4.3
At 16:35 -0700 3/13/09, Paul Hoffman wrote:
>Someone else (MSJ?) wrote:
>>that a "zone" must be signed (e.g. all the RRSets in the zone must be
>>signed) with at least one key per each key algorithm present in the apex
>>DNSKEY rrset.  E.g. if the apex RRSet has 5 SHA1RSA keys, it only needs to
>>be signed once, but if the apex set has 2 SHA1RSA keys, an SHA256RSA key
>>and 4 ECP256SHA256 (as yet undefined) keys, each RRSet would need at least
>>3 signatures.  Shorthand for that in discussions has always been "signed
>>by the algorithm".
>
>I would want to see that written down someplace. It seems like a bad design.
RFC 4035, end of section 2.2:

#   There MUST be an RRSIG for each RRset using at least one DNSKEY of
#   each algorithm in the zone apex DNSKEY RRset.  The apex DNSKEY RRset
#   itself MUST be signed by each algorithm appearing in the DS RRset
#   located at the delegating parent (if any).

"Algorithm" is as defined on this page:

http://iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml

--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis             
NeuStar                    You can leave a voice message at +1-571-434-5468

Getting everything you want is easy if you don't want much.
--============_-975063478==_ma============-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From agnesschinhao@yahoo.co.uk Sun Mar 15 01:18:51 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ACD5A3A6974; Sun, 15 Mar 2009 01:18:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -30.398 X-Spam-Level: X-Spam-Status: No, score=-30.398 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, INVALID_MSGID=1.9, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RfxqCFeCd1ih; Sun, 15 Mar 2009 01:18:50 -0700 (PDT) Received: from ppp-58-8-192-122.revip2.asianet.co.th (ppp-58-8-192-122.revip2.asianet.co.th [58.8.192.122]) by core3.amsl.com (Postfix) with SMTP id ACB6A3A69D3; Sun, 15 Mar 2009 01:18:37 -0700 (PDT) X-Originating-IP: 63.94.110.108 by smtp.58.8.192.122; Sun, 15 Mar 2009 07:16:15 -0200 Message-ID: <6114gsu88479NADM> Date: Sun, 15 Mar 2009 04:19:15 -0500 From: "Chang Padgett" To: "Chang Padgett" Subject: Tag Heuer watches wholesale all year long! Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Chang Looking for a Vacheron Constantin? How about getting two, one for you and one for your spouse? http://www.ioaiunre.cn Get two deeply discounted watches and take an extra 15% discount. http://www.ioaiunre.cn Our Vacheron Constantin have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Padgett From etdoeken1999@FTMC.COM Sun Mar 15 02:50:14 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B1AE63A67CC for ; Sun, 15 Mar 2009 02:50:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -54.964 X-Spam-Level: X-Spam-Status: No, score=-54.964 tagged_above=-999 required=5 tests=[BAYES_95=3, HELO_EQ_PL=1.135, HOST_EQ_PL=1.95, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, URIBL_AB_SURBL=10, URIBL_BLACK=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OjiXZ7eQx5BF for ; Sun, 15 Mar 2009 02:50:11 -0700 (PDT) Received: from 163.182.stk.vectranet.pl (163.182.stk.vectranet.pl [88.156.182.163]) by core3.amsl.com (Postfix) with ESMTP id 4DEE83A6A42 for ; Sun, 15 Mar 2009 02:50:09 -0700 (PDT) To: Subject: Discount ID wxrdk From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090315095010.4DEE83A6A42@core3.amsl.com> Date: Sun, 15 Mar 2009 02:50:09 -0700 (PDT) Hello dnsext-archive@lists.ietf.org,
Save 90% on your meds. Visit us
From kurwajonte@yahoo.co.uk Sun Mar 15 04:55:04 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 969D93A6B10; Sun, 15 Mar 2009 04:55:04 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -32.257 X-Spam-Level: X-Spam-Status: No, score=-32.257 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HOST_EQ_D_D_D_D=0.765, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_DYNAMIC=1.144, HELO_EQ_RU=0.595, HOST_EQ_RU=0.875, INVALID_MSGID=1.9, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GDzrBI0t66IS; Sun, 15 Mar 2009 04:55:03 -0700 (PDT) Received: from net144.181.94-146.dynamic.omskdom.ru (net144.181.94-146.dynamic.omskdom.ru [94.181.144.146]) by core3.amsl.com (Postfix) with SMTP id BE8803A687C; Sun, 15 Mar 2009 04:54:58 -0700 (PDT) X-Originating-IP: 186.36.35.55 by smtp.94.181.144.146; Sun, 15 Mar 2009 15:51:36 +0300 Message-ID: <1945ujk660536JLK> Date: Sun, 15 Mar 2009 07:55:36 -0500 From: "Dominick Pollock" To: "Lenny Langley" Subject: March promo on watches Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Gloria Winter is the time to get Bvlgari watch, and the only place to get top notch watches that look and perform exactly like the originals is http://www.iodbrlye.cn With top notch customer service and super warranty, we stand behind our watches. http://www.iodbrlye.cn Our Bvlgari watches have perfect weight and feel same as orginal. Sincerely, Mr Ledford From mmings@ahdubai.com Sun Mar 15 12:22:29 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D2CB628C120 for ; Sun, 15 Mar 2009 12:22:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.379 X-Spam-Level: X-Spam-Status: No, score=-0.379 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_DHCP=1.398, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_CPE=0.5, HOST_EQ_CPE=0.979, HTML_IMAGE_ONLY_32=1.778, HTML_IMAGE_RATIO_04=0.172, HTML_MESSAGE=0.001, IP_NOT_FRIENDLY=0.334, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_FROM_DRUGS=1.666, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qo9o+X3pkdOb for ; Sun, 15 Mar 2009 12:22:29 -0700 (PDT) Received: from cpe-069-134-238-199.nc.res.rr.com (cpe-069-134-238-199.nc.res.rr.com [69.134.238.199]) by core3.amsl.com (Postfix) with SMTP id 0BEF728C0FF for ; Sun, 15 Mar 2009 12:22:27 -0700 (PDT) To: Subject: Sales Order walmart.com From: VIAGRA . Official Site MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090315192228.0BEF728C0FF@core3.amsl.com> Date: Sun, 15 Mar 2009 12:22:27 -0700 (PDT)
Men's Health wirzpBuild Maximum MUSCLE, STRENGTH, and POWER!
Try It FREE for 21 Days! ORDER NOW! Plus, get 2 FREE Bonus Gifts!
Dear dnsext-archive

Men's Health recommends


FREE gifts reserved for you: dnsext-archive@ietf.org
If you would prefer not to receive future information about special offers from Men's Health,
you may Unsubscribe.


Customer Service Department, 33 East Minor Street, Emmaus, PA 18098


Copyright, Men's Health
From bobbyallen1984@yahoo.co.uk Sun Mar 15 14:45:55 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0693D3A6A4A; Sun, 15 Mar 2009 14:45:55 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.098 X-Spam-Level: X-Spam-Status: No, score=-1.098 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_DYNAMIC=1.144, INVALID_MSGID=1.9, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_RECV_SPAM_DOMN0b=1.666, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n5mOj+oxYkOV; Sun, 15 Mar 2009 14:45:54 -0700 (PDT) Received: from 114-47-229-23.dynamic.hinet.net (114-47-229-23.dynamic.hinet.net [114.47.229.23]) by core3.amsl.com (Postfix) with SMTP id D05C43A67B2; Sun, 15 Mar 2009 14:45:41 -0700 (PDT) X-Originating-IP: 226.96.26.24 by smtp.114.47.229.23; Sun, 15 Mar 2009 16:39:19 -0600 Message-ID: <294loh781895VFZ> Date: Sun, 15 Mar 2009 17:46:19 -0500 From: "Violet Ali" To: "Violet Ali" Subject: Affordable rep watches Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Violet Looking for a Jaeger LeCoultre watch that no one can tell from the original? You're in luck, because we have the best copies http://www.iodydcje.cn Get two deeply discounted watches and take an extra 15% discount. http://www.iodydcje.cn Our Jaeger LeCoultre have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Ali From ncxxvjnydcy@alfa.com Mon Mar 16 00:21:11 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 592193A68B8 for ; Mon, 16 Mar 2009 00:21:11 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -21.927 X-Spam-Level: X-Spam-Status: No, score=-21.927 tagged_above=-999 required=5 tests=[AWL=-11.361, BAYES_99=3.5, FH_RELAY_NODNS=1.451, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mYR3eRlTLKkK for ; Mon, 16 Mar 2009 00:21:11 -0700 (PDT) Received: from 201-43-51-206.dsl.telesp.net.br (201-43-51-206.dsl.telesp.net.br [201.43.51.206]) by core3.amsl.com (Postfix) with SMTP id DC6D53A6988 for ; Mon, 16 Mar 2009 00:21:09 -0700 (PDT) To: Subject: itunes.com Invoice #44565 From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090316072109.DC6D53A6988@core3.amsl.com> Date: Mon, 16 Mar 2009 00:21:09 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From joepete@aliroo.com Mon Mar 16 03:13:28 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 579243A6B06 for ; Mon, 16 Mar 2009 03:13:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -28.495 X-Spam-Level: X-Spam-Status: No, score=-28.495 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HOST_EQ_D_D_D_D=0.765, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sea1VUnAHc+x for ; Mon, 16 Mar 2009 03:13:27 -0700 (PDT) Received: from ppp-143-8.98-62.inwind.it (ppp-143-8.98-62.inwind.it [62.98.8.143]) by core3.amsl.com (Postfix) with SMTP id 9E95B3A69A9 for ; Mon, 16 Mar 2009 03:13:26 -0700 (PDT) To: Subject: Sales Order walmart.com From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090316101326.9E95B3A69A9@core3.amsl.com> Date: Mon, 16 Mar 2009 03:13:26 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From owner-namedroppers@ops.ietf.org Mon Mar 16 08:07:00 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 793FA28C0DE; Mon, 16 Mar 2009 08:07:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.316 X-Spam-Level: X-Spam-Status: No, score=-1.316 tagged_above=-999 required=5 tests=[AWL=-1.421, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, J_CHICKENPOX_13=0.6, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6lEWUfp+a7FR; Mon, 16 Mar 2009 08:06:58 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id D28593A69B2; Mon, 16 Mar 2009 08:06:56 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LjEFl-0004zn-80 for namedroppers-data0@psg.com; Mon, 16 Mar 2009 14:57:21 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LjEFb-0004y8-MS for namedroppers@ops.ietf.org; Mon, 16 Mar 2009 14:57:17 +0000 Received: from stora.ogud.com (localhost [127.0.0.1]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n2GEv8tb071989 for ; Mon, 16 Mar 2009 10:57:08 -0400 (EDT) (envelope-from namedroppers@stora.ogud.com) Received: (from namedroppers@localhost) by stora.ogud.com (8.14.3/8.14.3/Submit) id n2GEv8HC071988 for namedroppers@ops.ietf.org; Mon, 16 Mar 2009 10:57:08 -0400 (EDT) (envelope-from namedroppers) Received: from [2001:fa8::25] (helo=mail.nttv6.net) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LjA7O-000D9f-6H for namedroppers@ops.ietf.org; Mon, 16 Mar 2009 10:32:32 +0000 Received: from arifumi1.nttv6.com (arifumi1.nttv6.com [192.47.163.61]) by mail.nttv6.net (8.14.3/8.14.3) with ESMTP id n2GAVQjq048061; Mon, 16 Mar 2009 19:31:29 +0900 (JST) (envelope-from arifumi@nttv6.net) Cc: Tony Finch , namedroppers@ops.ietf.org, ietf@ietf.org Message-Id: <919DC3B8-5571-42ED-92F0-1397A5B3C8C6@nttv6.net> From: Arifumi Matsumoto To: Tim Chown In-Reply-To: <20090304143326.GM23824@login.ecs.soton.ac.uk> Content-Type: multipart/mixed; boundary=Apple-Mail-10--953239708 Mime-Version: 1.0 (Apple Message framework v930.3) Subject: [dnsext] Re: RFC 3484 section 6 rule 9 causing more operational problems Date: Mon, 16 Mar 2009 19:31:21 +0900 References: <20090304143326.GM23824@login.ecs.soton.ac.uk> X-Mailer: Apple Mail (2.930.3) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.0.1 (mail.nttv6.net [192.16.178.5]); Mon, 16 Mar 2009 19:31:29 +0900 (JST) X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: [ Moderators note: Post was moderated, either because it was posted by a non-subscriber, or because it was over 20K. With the massive amount of spam, it is easy to miss and therefore delete relevant posts by non-subscribers. Please fix your subscription addresses. ] --Apple-Mail-10--953239708 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit All, I fail to submit a revision of my draft by cutoff, and could not post it right now. So I attached a draft to this e-mail. I'm sorry that it does not reflect the discussion of this thread greatly. I hope to have comments. Kindest regards, --Apple-Mail-10--953239708 Content-Disposition: attachment; filename=draft-arifumi-6man-rfc3484-revise-01.txt Content-Type: text/plain; x-unix-mode=0644; name="draft-arifumi-6man-rfc3484-revise-01.txt" Content-Transfer-Encoding: quoted-printable Network Working Group A. Matsumoto Internet-Draft T. Fujisaki Intended status: Standards Track NTT Expires: September 17, 2009 R. Hiromi Intec Netcore K. Kanayama INTEC Systems March 16, 2009 Things To Be Considered for RFC 3484 Revision draft-arifumi-6man-rfc3484-revise-01.txt Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on September 17, 2009. Copyright Notice Matsumoto, et al. Expires September 17, 2009 [Page 1] =0C Internet-Draft RFC3484 Revise March 2009 Copyright (c) 2009 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents in effect on the date of publication of this document (http://trustee.ietf.org/license-info). Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Abstract RFC 3484 has several known issues to be fixed mainly because of the deprecation of IPv6 site-local unicast address and the coming of ULA. Additionally, the rule 9 of the destination address selection rules, namely the longest matching rule, is known for its adverse effect on the round robin DNS technique. This document covers these essential points to be modified and proposes possible useful changes to be included in the revision of RFC 3484. Matsumoto, et al. Expires September 17, 2009 [Page 2] =0C Internet-Draft RFC3484 Revise March 2009 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 1.1. Problem Example . . . . . . . . . . . . . . . . . . . . . 4 2. Proposed Changes to RFC 3484 . . . . . . . . . . . . . . . . . 5 2.1. To remove site-local unicast address . . . . . . . . . . . 5 2.2. To change default policy table . . . . . . . . . . . . . . 6 2.3. To change ULA address scope to site-local . . . . . . . . 6 2.4. To add descriptions for source address selection for multicast packet . . . . . . . . . . . . . . . . . . . . . 7 2.5. To make address type dependent control possible . . . . . 7 2.6. To disable or restrict RFC 3484 Section 6 Rule 9 . . . . . 7 2.7. To change private IPv4 address scope . . . . . . . . . . . 8 3. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . 9 4. Security Considerations . . . . . . . . . . . . . . . . . . . 9 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 9 6.1. Normative References . . . . . . . . . . . . . . . . . . . 9 6.2. Informative References . . . . . . . . . . . . . . . . . . 10 Appendix A. Appendix. Revision History . . . . . . . . . . . . . 10 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 10 Matsumoto, et al. Expires September 17, 2009 [Page 3] =0C Internet-Draft RFC3484 Revise March 2009 1. Introduction RFC 3484 [RFC3484] defines default address selection rules for IPv6 and IPv4. Because of the deprecation of IPv6 site-local unicast address and the coming of ULA, [RFC4193] these rules in RFC 3484 are known to cause communication failures depending on the network environment. Additionally, there was a discussion at v6ops and ietf mailing lists that the rule 9 of the destination address selection has a serious adverse effect on the round robin DNS technique. [RFC1794] RFC 3484 defines that the destination address selection rule 9 should be applied to both IPv4 and IPv6, which spoils the DNS based load balancing technique that is widely used in the IPv4 Internet today. Remi Denis-Courmont summarized NAT related address selection problems and possible solutions in [I-D.denis-v6ops-nat-addrsel]. Problems related to IPv6 and IPv4 address selection are described in RFC 5220 [RFC5220]. Some of them can be fixed by updating RFC 3484, and others should not. This document covers these essential points to be modified and proposes possible useful changes to be included in the revision of RFC 3484. 1.1. Problem Example When an enterprise has IPv4 Internet connectivity but does not yet have IPv6 Internet connectivity, and the enterprise wants to provide site-local IPv6 connectivity, ULA is the best choice for site-local IPv6 connectivity. Each employee host will have both an IPv4 global or private address and a ULA. Here, when this host tries to connect to Host-C that has registered both A and AAAA records in the DNS, the host will choose AAAA as the destination address and ULA for the source address. This will clearly result in a connection failure. Matsumoto, et al. Expires September 17, 2009 [Page 4] =0C Internet-Draft RFC3484 Revise March 2009 +--------+ | Host-C | AAAA =3D 2001:db8::80 +-----+--+ A =3D 192.47.163.1 | =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D | Internet | =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D | no IPv6 connectivity +----+----+ | Gateway | +----+----+ | | fd01:2:3::/48 (ULA) | 192.0.2.0/24 ++--------+ | Router | +----+----+ | fd01:2:3:4::/64 (ULA) | 192.0.2.240/28 ------+---+---------- | +-+----+ fd01:2:3:4::100 (ULA) | Host | 192.0.2.245 +------+ [Fig. 1] This problem can be solved by changing the scope of ULA to site- local, or by adding one entry to the default policy table that sets lower priority for ULA than IPv4 address. This problem was mentioned at ipv6 mailing lists by Pekka Savola. 2. Proposed Changes to RFC 3484 2.1. To remove site-local unicast address RFC3484 contains a few "site-local unicast" and "fec::" description. It's better to remove examples related to site-local unicast address, or change examples to use ULA. Possible points to be re-written are below. - 2nd paragraph in Section 3.1 describes scope comparison mechanism. Matsumoto, et al. Expires September 17, 2009 [Page 5] =0C Internet-Draft RFC3484 Revise March 2009 - Section 10 contains examples for site-local address. 2.2. To change default policy table The default rule today is: Prefix Precedence Label ::1/128 50 0 ::/0 40 1 2002::/16 30 2 ::/96 20 3 ::ffff:0:0/96 10 4 The changes that should be included into the default policy table are those rules that are universally useful and do no harm in every reasonable network envionment. The changes we should consider for the default policy table are as follows. The policy table is defined to be configurable. The changes that are useful not universally but locally can be put into the policy table manually or by using the auto-configuration mechanism proposed as a DHCP option [I-D.fujisaki-dhc-addr-select-opt]. - IPv4-compatible IPv6 address is deprecated. [RFC4291] (However, should we keep this entry for the sake of backward compatibility ?) - Teredo [RFC4380] is defined and has 2001::/32. Teredo's priority should be less or equal to 6to4, considering its characteristic of tunnel mechanism. About Windows, this point is already in the implementation. When we apply these changes, the default policy table looks like this. Prefix Precedence Label ::1/128 50 0 ::/0 30 2 2002::/16 20 3 ::ffff:0:0/96 10 4 2001::/32 5 5 (For Teredo) Teredo has the worst precedence. This means that, for IPv4-IPv6 dual-stack host, Teredo address will be used only when the destination host has an IPv6 address only. 2.3. To change ULA address scope to site-local RFC 5220 Section 2.1.4, 2.2.2, and 2.2.3 describes address selection problems related to ULA. These problems can be solved by changing the scope of ULA to site-local. Matsumoto, et al. Expires September 17, 2009 [Page 6] =0C Internet-Draft RFC3484 Revise March 2009 2.4. To add descriptions for source address selection for multicast packet For example, we have to pay attention to source address selection for a multicast packet. As described in RFC 5220 Section 2.1.6, by default, ULA will be chosen for a multicast packet of any scope. This issue cannot be solved by changing a RFC 3484 rule. This is because, multicast and unicast have different sets of scope and it is site-dependent which unicast address scope is appropriate for the site's multicast scope. Therefore, this issue can be solved, for example, by configuring the policy table per-site. 2.5. To make address type dependent control possible It is hard to define default preferences for these address types, RA- based, DHCP-based, manual-based, and privacy extention address, because the appropriate preference value depends on the usage of these addresses, but not on address types themselves. It is the policy table where you can control host's address selection behavior. For example, You can set priority on RFC 3041 [RFC3041] address (privacy extension) by putting a line in policy table specifying RFC 3041 address by 128-bit prefixlen and continuing to update policy table according to RFC 3041 address re-generation. But, this is surely troublesome for users and implementers. One idea is to update RFC 3484 policy table definition so that it can handle meta addresses like privacy, DHCPv6 generated, RA generated, manually generated (and even Home Address ?) To prefer privacy address by default, and to prefer RA-generated address for site internal, the policy table will look like this. Prefix Pref Label 2001:db8:1234::(PRIVACY)/128 30 2 ::/0 10 2 2001:db8:1234::(RA):/128 30 1 2001:db8::/48 20 1 2.6. To disable or restrict RFC 3484 Section 6 Rule 9 There was a discussion at v6ops and ietf@ietf.org mailing lists that the rule 9 of the destination address selection has a serious adverse effect on the round robin DNS technique. RFC 3484 defines that the destination address selection rule 9 should be applied to both IPv4 and IPv6, which spoils the DNS based load balancing technique that is widely used in the IPv4 Internet today. Matsumoto, et al. Expires September 17, 2009 [Page 7] =0C Internet-Draft RFC3484 Revise March 2009 When the destination address acquired from one FQDN are two or more, the Rule 9 defines that the longest matching destination and source address pair should be chosen. As in RFC 1794, the DNS based load balancing technique is achived by not re-ordering the destination addresses returned from the DNS server. The Rule 9 defines deterministic rule for re-ordering at hosts, hence the technique of RFC 1794 is not available anymore. Regarding this problem, there was a lot of discussion in IETF and other places like below. http://drplokta.livejournal.com/109267.html http://www.ietf.org/mail-archive/web/ietf/current/msg51874.html http://www.ietf.org/mail-archive/web/discuss/current/msg01035.html http://www.ietf.org/mail-archive/web/dnsop/current/msg05847.html http://lists.debian.org/debian-ctte/2007/11/msg00029.html http://www.ietf.org/mail-archive/web/ietf/current/msg55991.html Possible changes to RFC 3484 are as follows: 1. To delete Rule 9 completely. 2. To apply Rule 9 only for IPv6 and not for IPv4. In IPv6, hiearchical address assignment is general principle, hence the longest matchin rule is beneficial in many cases. In IPv4, as stated above, the DNS based load balancing technique is widely used. 3. To apply Rule 9 for IPv6 conditionally and not for IPv4. When the length of matching bits of the destination address and the source address is longer than N, the rule 9 is applied. Otherwise, the order of the destination addresses do not change. The N should be configurable and it should be 32 by default. This is simply because the two sites whose matching bit length is longer than 32 are probably adjacent. Now that IPv6 PI address is admitted in some RIRs, hierachical address assignment is not maintained anymore. It seems that the longest matching algorithm is not worth the adverse effect of disalbing the DNS based load balance technique. Therefore, the proposal 1 or 3 seems to be preferable. 2.7. To change private IPv4 address scope As detailed in Remi's draft [I-D.denis-v6ops-nat-addrsel], when a host is in NATed site, and has a private IPv4 address and transitional addresses like 6to4 and Teredo, the host chooses transitional IPv6 address to access most of the dual-stack servers. This is because private IPv4 address is defined to be site-local scope, and as in RFC 3484, the scope matching rules (Rule 2) set Matsumoto, et al. Expires September 17, 2009 [Page 8] =0C Internet-Draft RFC3484 Revise March 2009 lower priority for private IPv4 address. By changing the address scope of private IPv4 address to global, this problem can be solved. 3. Conclusion This document lists up several issues that should be included in the revision of RFC 3484, which are useful universally and do no harm in reasonable network environments. The address selection rules that are useful locally can be implemented, for example, by configuring the policy table. The policy distribution mechanism [I-D.fujisaki-dhc-addr-select-opt] may be useful to configure a lot of hosts at a time. The destination address selection rule 9 will spoil the DNS based load balancing technique that is widely deployed at least in IPv4. To keep this functionality in IPv6, the rule 9 have to be deleted or restricted. 4. Security Considerations No security risk is found that degrades RFC 3484. 5. IANA Considerations Address type number for the policy table may have to be assigned by IANA. 6. References 6.1. Normative References [RFC1794] Brisco, T., "DNS Support for Load Balancing", RFC 1794, April 1995. [RFC3484] Draves, R., "Default Address Selection for Internet Protocol version 6 (IPv6)", RFC 3484, February 2003. [RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast Addresses", RFC 4193, October 2005. [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing Matsumoto, et al. Expires September 17, 2009 [Page 9] =0C Internet-Draft RFC3484 Revise March 2009 Architecture", RFC 4291, February 2006. [RFC4380] Huitema, C., "Teredo: Tunneling IPv6 over UDP through Network Address Translations (NATs)", RFC 4380, February 2006. 6.2. Informative References [I-D.denis-v6ops-nat-addrsel] Denis-Courmont, R., "Problems with IPv6 source address selection and IPv4 NATs", draft-denis-v6ops-nat-addrsel-00 (work in progress), February 2009. [I-D.fujisaki-dhc-addr-select-opt] Fujisaki, T., Matsumoto, A., Niinobe, S., Hiromi, R., and K. Kanayama, "Distributing Address Selection Policy using DHCPv6", draft-fujisaki-dhc-addr-select-opt-07 (work in progress), March 2009. [RFC3041] Narten, T. and R. Draves, "Privacy Extensions for Stateless Address Autoconfiguration in IPv6", RFC 3041, January 2001. [RFC5220] Matsumoto, A., Fujisaki, T., Hiromi, R., and K. Kanayama, "Problem Statement for Default Address Selection in Multi- Prefix Environments: Operational Issues of RFC 3484 Default Rules", RFC 5220, July 2008. Appendix A. Appendix. Revision History 01: The issue of private IPv4 address scope was added. The issue of ULA address scope was added. Discussion of longest matching rule was expanded. Authors' Addresses Arifumi Matsumoto NTT PF Lab Midori-Cho 3-9-11 Musashino-shi, Tokyo 180-8585 Japan Phone: +81 422 59 3334 Email: arifumi@nttv6.net Matsumoto, et al. Expires September 17, 2009 [Page 10] =0C Internet-Draft RFC3484 Revise March 2009 Tomohiro Fujisaki NTT PF Lab Midori-Cho 3-9-11 Musashino-shi, Tokyo 180-8585 Japan Phone: +81 422 59 7351 Email: fujisaki@syce.net Ruri Hiromi Intec Netcore, Inc. Shinsuna 1-3-3 Koto-ku, Tokyo 136-0075 Japan Phone: +81 3 5665 5069 Email: hiromi@inetcore.com Ken-ichi Kanayama INTEC Systems Institute, Inc. Shimoshin-machi 5-33 Toyama-shi, Toyama 930-0804 Japan Phone: +81 76 444 8088 Email: kanayama_kenichi@intec-si.co.jp Matsumoto, et al. Expires September 17, 2009 [Page 11] =0C --Apple-Mail-10--953239708 Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit On 2009/03/04, at 23:33, Tim Chown wrote: > On Wed, Mar 04, 2009 at 02:09:22PM +0000, Tony Finch wrote: >> It seems that Vista implements RFC 3484 address selection, >> including the >> requirement to sort IP addresses. This breaks a great deal of >> operational >> dependence on DNS-based load balancing, as well as being based on an >> incorrect understanding of how IP addresses are allocated. >> >> RFC 3484 needs to be updated to delete this rule, so that the order >> returned from the DNS is honoured when the client has no better >> knowledge >> about which address is appropriate. >> >> See >> http://drplokta.livejournal.com/109267.html >> http://www.ietf.org/mail-archive/web/ietf/current/msg51874.html >> http://www.ietf.org/mail-archive/web/discuss/current/msg01035.html >> http://www.ietf.org/mail-archive/web/dnsop/current/msg05847.html >> http://lists.debian.org/debian-ctte/2007/11/msg00029.html > > The issue is mentioned in: > > http://www.watersprings.org/pub/id/draft-arifumi-6man-rfc3484-revise-00.txt > > "2.5. To disable or restrict RFC 3484 Section 6 Rule 9 > > There was a discussion at v6ops and ietf@ietf.org mailing lists that > the rule 9 of the destination address selection has a serious > adverse > effect on the round robin DNS technique...." > > However the above has expired. Perhaps Arifumi will issue a new > version > before the upcoming cutoff. > > -- > Tim > > > _______________________________________________ > Ietf mailing list > Ietf@ietf.org > https://www.ietf.org/mailman/listinfo/ietf -- Arifumi Matsumoto Secure Communication Project NTT Information Sharing Platform Laboratories E-mail: arifumi@nttv6.net --Apple-Mail-10--953239708-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From johnsmithsvt@amuse-mc.com Mon Mar 16 09:59:39 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3601C3A699F for ; Mon, 16 Mar 2009 09:59:39 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.558 X-Spam-Level: X-Spam-Status: No, score=-4.558 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4yveX9ZuqEuc for ; Mon, 16 Mar 2009 09:59:32 -0700 (PDT) Received: from 169-88-124-91.pool.ukrtel.net (169-88-124-91.pool.ukrtel.net [91.124.88.169]) by core3.amsl.com (Postfix) with SMTP id 349FF3A6A19 for ; Mon, 16 Mar 2009 09:59:30 -0700 (PDT) To: Subject: Customer Receipt/Purchase Confirmation From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090316165931.349FF3A6A19@core3.amsl.com> Date: Mon, 16 Mar 2009 09:59:30 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From jwilgar@aimpowergen.com Mon Mar 16 22:07:10 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 792853A67C1 for ; Mon, 16 Mar 2009 22:07:10 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -15.33 X-Spam-Level: X-Spam-Status: No, score=-15.33 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_EQ_AU=0.377, HTML_IMAGE_RATIO_04=0.172, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6fZrhqul7f04 for ; Mon, 16 Mar 2009 22:07:09 -0700 (PDT) Received: from ams.com.au (unknown [122.161.54.106]) by core3.amsl.com (Postfix) with SMTP id EC7343A6887 for ; Mon, 16 Mar 2009 22:07:02 -0700 (PDT) To: Subject: Abs Newsletter From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090317050707.EC7343A6887@core3.amsl.com> Date: Mon, 16 Mar 2009 22:07:02 -0700 (PDT)
WELCOME!
Things are going to change, now that you've joined the Abs Diet Club!
Dear Online Reader:
Men's Health recommends


MEN'S HEALTH NEWS & ADVICE:
Get the world's greatest fitness, diet, and sex advice delivered to your inbox
3 times a week.
Tell a friend
Find out more at MensHealth.com      Abs Diet Online


Men's Health   |   Unsubscribe   |   Privacy Policy

© 2009 Men's Health, all rights reserved.
33 East Minor Street, Emmaus, PA 18098, Attn: Customer Service
Click here
From kandyjames44@yahoo.co.uk Tue Mar 17 02:26:16 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 75DFF3A697B; Tue, 17 Mar 2009 02:26:16 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -51.166 X-Spam-Level: X-Spam-Status: No, score=-51.166 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_DHCP=1.398, HELO_DYNAMIC_IPADDR=2.426, INVALID_MSGID=1.9, MSGID_SHORT=1.078, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX_NOV5F=0.666, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GwmaHb+3lvR7; Tue, 17 Mar 2009 02:26:15 -0700 (PDT) Received: from dslb-092-072-155-149.pools.arcor-ip.net (dslb-092-072-155-149.pools.arcor-ip.net [92.72.155.149]) by core3.amsl.com (Postfix) with SMTP id F2C3F28C0CF; Tue, 17 Mar 2009 02:26:08 -0700 (PDT) X-Originating-IP: 94.151.54.88 by smtp.92.72.155.149; Tue, 17 Mar 2009 06:19:49 -0400 Message-ID: <873dpm189WUG> Date: Tue, 17 Mar 2009 05:26:49 -0500 From: "Esperanza Huffman" To: "Esperanza Huffman" Subject: Affordable brand name watches Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Esperanza If you've waited to get your Patek Phillipe watch, this is the right time to go for it. http://www.ioxextbe.cn Take an extra 15% off your purchase during month of March. http://www.ioxextbe.cn Our Patek Phillipe watches have perfect weight and feel same as orginal. Sincerely, Mr Huffman From mschulterq@abogadosargentinos.com Tue Mar 17 09:40:12 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 98D933A6BE7 for ; Tue, 17 Mar 2009 09:40:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -21.719 X-Spam-Level: X-Spam-Status: No, score=-21.719 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Avb5C3ZSAAMV for ; Tue, 17 Mar 2009 09:40:11 -0700 (PDT) Received: from aicins.com (unknown [58.69.29.126]) by core3.amsl.com (Postfix) with SMTP id 984C03A6BE5 for ; Tue, 17 Mar 2009 09:40:10 -0700 (PDT) To: Subject: Sales Order walmart.com From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090317164010.984C03A6BE5@core3.amsl.com> Date: Tue, 17 Mar 2009 09:40:10 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From nancy_mabeldd@ahni.com Tue Mar 17 10:50:21 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 03D963A69BF for ; Tue, 17 Mar 2009 10:50:21 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -19.027 X-Spam-Level: X-Spam-Status: No, score=-19.027 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_EQ_RU=0.595, HOST_EQ_RU=0.875, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O2V9vK1-y4n6 for ; Tue, 17 Mar 2009 10:50:20 -0700 (PDT) Received: from host66-57-static.15-79-b.business.telecomitalia.it (host66-57-static.15-79-b.business.telecomitalia.it [79.15.57.66]) by core3.amsl.com (Postfix) with SMTP id E53283A67D1 for ; Tue, 17 Mar 2009 10:50:18 -0700 (PDT) To: Subject: You've received an answer to your question From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090317175018.E53283A67D1@core3.amsl.com> Date: Tue, 17 Mar 2009 10:50:18 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From milkowskidd@allied-brokers.com Tue Mar 17 10:52:47 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2F2953A6B45 for ; Tue, 17 Mar 2009 10:52:47 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.742 X-Spam-Level: X-Spam-Status: No, score=-14.742 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_EQ_NL=0.55, HELO_MISMATCH_NL=1.448, HTML_IMAGE_RATIO_04=0.172, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id syPrLOXS7Skd for ; Tue, 17 Mar 2009 10:52:46 -0700 (PDT) Received: from ajaxfire.nl (unknown [95.53.2.231]) by core3.amsl.com (Postfix) with SMTP id 0DB2F3A6B41 for ; Tue, 17 Mar 2009 10:52:43 -0700 (PDT) To: Subject: you subscribe #10133 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090317175244.0DB2F3A6B41@core3.amsl.com> Date: Tue, 17 Mar 2009 10:52:43 -0700 (PDT)
WELCOME!
Things are going to change, now that you've joined the Abs Diet Club!
Dear Online Reader:
Men's Health recommends


MEN'S HEALTH NEWS & ADVICE:
Get the world's greatest fitness, diet, and sex advice delivered to your inbox
3 times a week.
Tell a friend
Find out more at MensHealth.com      Abs Diet Online


Men's Health   |   Unsubscribe   |   Privacy Policy

© 2009 Men's Health, all rights reserved.
33 East Minor Street, Emmaus, PA 18098, Attn: Customer Service
Click here
From gpmjulie.petrick@greenpoint.com Tue Mar 17 16:05:31 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DE20C3A6873; Tue, 17 Mar 2009 16:05:31 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -63.739 X-Spam-Level: X-Spam-Status: No, score=-63.739 tagged_above=-999 required=5 tests=[BAYES_95=3, HELO_EQ_DE=0.35, HELO_EQ_DSL=1.129, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a1gJur917iIJ; Tue, 17 Mar 2009 16:05:31 -0700 (PDT) Received: from f051133134.adsl.alicedsl.de (f051133134.adsl.alicedsl.de [78.51.133.134]) by core3.amsl.com (Postfix) with SMTP id 61DDB3A6B00; Tue, 17 Mar 2009 16:05:15 -0700 (PDT) X-Originating-IP: 184.174.8.226 by 160.50.35.64; Tue, 17 Mar 2009 22:56:57 -0100 Message-ID: To: "Rosa Butler" From: "Laurence Conrad" Subject: Beautiful Longines watches for less Date: Tue, 17 Mar 2009 19:05:57 -0500 Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Rosa If you've waited to get your Longines watch, this is the right time to go for it. http://www.vamhkao.cn Take advantage of our winter specials and get yourself Longines watch that you've always wanted! http://www.vamhkao.cn Our Longines have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Butler From alyvzcatd@ms22.hinet.net Tue Mar 17 20:53:04 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0B9073A6873; Tue, 17 Mar 2009 20:53:04 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -86.129 X-Spam-Level: X-Spam-Status: No, score=-86.129 tagged_above=-999 required=5 tests=[BAYES_50=0.001, DNS_FROM_AHBL_RHSBL=0.692, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QIhYKF7+YpWk; Tue, 17 Mar 2009 20:53:03 -0700 (PDT) Received: from 58-27-221-106.wateen.net (58-27-221-106.wateen.net [58.27.221.106]) by core3.amsl.com (Postfix) with SMTP id 084443A6802; Tue, 17 Mar 2009 20:52:53 -0700 (PDT) Subject: Trim line or sport watch? You choose Message-ID: From: "Arline Pettit" Content-Type: text/plain; Content-Transfer-Encoding: 7Bit To: "Hilario Rojas" Date: Tue, 17 Mar 2009 23:53:34 -0500 Hello Ronny Looking for a Longines watch that no one can tell from the original? You're in luck, because we have the best copies http://hansjoergflorentiaxl.blogspot.com/?id=6533ilgf Get two deeply discounted watches and take an extra 15% discount. http://hansjoergflorentiaxl.blogspot.com/?id=6533ilgf Our Longines have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Pool From ja5hre@mocha.ocn.ne.jp Wed Mar 18 08:11:51 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 77AE93A6A1C; Wed, 18 Mar 2009 08:11:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -52.001 X-Spam-Level: X-Spam-Status: No, score=-52.001 tagged_above=-999 required=5 tests=[BAYES_95=3, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3BwGT52o1Wl3; Wed, 18 Mar 2009 08:11:50 -0700 (PDT) Received: from oyo01-1-88-187-172-233.fbx.proxad.net (oyo01-1-88-187-172-233.fbx.proxad.net [88.187.172.233]) by core3.amsl.com (Postfix) with SMTP id 2CBE83A6B13; Wed, 18 Mar 2009 08:11:40 -0700 (PDT) Subject: The affordable watch alternative Message-ID: From: "Elmer Vincent" Content-Type: text/plain; Content-Transfer-Encoding: 7Bit To: "Georgina Burger" Date: Wed, 18 Mar 2009 11:12:23 -0500 Hello Georgina Looking for a Franck Muller? How about getting two, one for you and one for your spouse? http://www.avoeier.cn We are offering wholesaler prices on all watches during the month of March. http://www.avoeier.cn Our Franck Muller watches have perfect weight and feel same as orginal. Sincerely, Mr Burger From egg4159@dalsym.com Wed Mar 18 11:46:48 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 513E728C10B; Wed, 18 Mar 2009 11:46:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -61.239 X-Spam-Level: X-Spam-Status: No, score=-61.239 tagged_above=-999 required=5 tests=[BAYES_95=3, HELO_EQ_DE=0.35, HELO_EQ_DSL=1.129, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qiNAwnbAVMhB; Wed, 18 Mar 2009 11:46:47 -0700 (PDT) Received: from f053010062.adsl.alicedsl.de (f053010062.adsl.alicedsl.de [78.53.10.62]) by core3.amsl.com (Postfix) with SMTP id E95B73A680B; Wed, 18 Mar 2009 11:46:41 -0700 (PDT) From: "Lillie Gregory" To: "Marcelo Ervin" Subject: 15% off on two watches Date: Wed, 18 Mar 2009 14:47:24 -0500 Message-ID: <111Lvds.w3122E741aaa-archive@lists.ietf.org> Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Rosemary Looking for a Cartier watch that no one can tell from the original? You're in luck, because we have the best copies http://www.vmeoiu.cn With top notch customer service and super warranty, we stand behind our watches. http://www.vmeoiu.cn Our Cartier have Weights/feels and looks exactly same as original. Sincerely, Mr Cruz From lars.mueller@akita-pu.ac.jp Wed Mar 18 12:47:06 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 71CE03A6960 for ; Wed, 18 Mar 2009 12:47:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.357 X-Spam-Level: X-Spam-Status: No, score=-10.357 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HOST_EQ_D_D_D_D=0.765, HELO_EQ_BIZ=0.288, HELO_MISMATCH_BIZ=0.443, HOST_EQ_PL=1.95, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CsYwFfhFAhkR for ; Wed, 18 Mar 2009 12:47:05 -0700 (PDT) Received: from aha.biz (host-89-231-161-254.lowicz.mm.pl [89.231.161.254]) by core3.amsl.com (Postfix) with SMTP id BDA683A6A34 for ; Wed, 18 Mar 2009 12:47:02 -0700 (PDT) To: Subject: Sales Receipt Amazon From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html X-Antivirus: avast! (VPS 080221-0, 2008-02-21), Outbound message X-Antivirus-Status: Clean Message-Id: <20090318194703.BDA683A6A34@core3.amsl.com> Date: Wed, 18 Mar 2009 12:47:02 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From mail@air-soul.com Wed Mar 18 16:27:31 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C657328C233 for ; Wed, 18 Mar 2009 16:27:31 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -13.388 X-Spam-Level: X-Spam-Status: No, score=-13.388 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_DYNAMIC_DHCP=1.398, HELO_EQ_DSL=1.129, HELO_EQ_HU=1.35, HOST_EQ_HU=1.245, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x0-Y1SjIXXlH for ; Wed, 18 Mar 2009 16:27:31 -0700 (PDT) Received: from adsl-175-111.globonet.hu (adsl-175-111.globonet.hu [82.144.175.111]) by core3.amsl.com (Postfix) with SMTP id E09B128C0E9 for ; Wed, 18 Mar 2009 16:27:23 -0700 (PDT) To: Subject: Order Shipped -- Order #47791 From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090318232724.E09B128C0E9@core3.amsl.com> Date: Wed, 18 Mar 2009 16:27:23 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From michelle.wu@acebike.com.cn Thu Mar 19 01:53:18 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0BDE33A6843 for ; Thu, 19 Mar 2009 01:53:18 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.406 X-Spam-Level: X-Spam-Status: No, score=-14.406 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_EQ_TW=1.335, HELO_MISMATCH_TW=0.994, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A8zPIgfgxC3s for ; Thu, 19 Mar 2009 01:53:17 -0700 (PDT) Received: from ampire.com.tw (unknown [190.25.36.211]) by core3.amsl.com (Postfix) with SMTP id F02A23A67FD for ; Thu, 19 Mar 2009 01:53:14 -0700 (PDT) To: dnsext-archive@ietf.org Subject: you subscribe #95020 From: "Alton Schultz" X-Priority: 1 MIME-Version: 1.0 Content-Type: text/html; charset = "iso-8859-1" Content-Transfer-Encoding: 8bit Message-Id: <20090319085315.F02A23A67FD@core3.amsl.com> Date: Thu, 19 Mar 2009 01:53:14 -0700 (PDT)
03/16/09

Everything you need to know to keep your goods happy and healthy ...

We are recommends

Tell a friend
Find out more at MensHealth.com

Men's Health Personal Trainer - get in shape now!

YOUR PRIVACY RIGHTS  |   CONTACT US  |   UNSUBSCRIBE
COPYRIGHT RODALE, INC. 2009
33 East Minor Street, Emmaus, PA 18098, Attn: Customer Service

From atmrjga@starnursery.com Thu Mar 19 06:29:16 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 606BE3A6C1D; Thu, 19 Mar 2009 06:29:16 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -51.515 X-Spam-Level: X-Spam-Status: No, score=-51.515 tagged_above=-999 required=5 tests=[BAYES_50=0.001, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HELO_DYNAMIC_IPADDR2=4.395, HELO_DYNAMIC_SPLIT_IP=3.493, HELO_EQ_IP_ADDR=1.119, HOST_EQ_USERONOCOM=1.444, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_NUMERIC_HELO=2.067, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GAvpTZ0RO-uj; Thu, 19 Mar 2009 06:29:15 -0700 (PDT) Received: from 62.57.40.29.dyn.user.ono.com (62.57.40.29.dyn.user.ono.com [62.57.40.29]) by core3.amsl.com (Postfix) with SMTP id 8203D28C277; Thu, 19 Mar 2009 06:29:08 -0700 (PDT) To: "Walter Cervantes" Date: Thu, 19 Mar 2009 09:29:52 -0500 Subject: Watches for him, her and you Message-ID: From: "Rubin Waldron" Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Walter I had never seen such beautiful and greatly-performing watches like the ones I found online at http://www.hiwaroven.cn With top notch customer service and super warranty, we stand behind our watches. http://www.hiwaroven.cn Our Gucci have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Cervantes From majordomo@alshater.net Thu Mar 19 08:54:15 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9826E3A6988 for ; Thu, 19 Mar 2009 08:54:15 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.718 X-Spam-Level: X-Spam-Status: No, score=-5.718 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SXiLB1PuPW0F for ; Thu, 19 Mar 2009 08:54:08 -0700 (PDT) Received: from 90-154-169-104.btc-net.bg (95-42-165-135.btc-net.bg [95.42.165.135]) by core3.amsl.com (Postfix) with SMTP id 78BF63A69B1 for ; Thu, 19 Mar 2009 08:54:06 -0700 (PDT) To: Subject: Sales Order walmart.com From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090319155407.78BF63A69B1@core3.amsl.com> Date: Thu, 19 Mar 2009 08:54:06 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From nemey@alfredsolis.com Thu Mar 19 08:58:18 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 37E4D3A6988 for ; Thu, 19 Mar 2009 08:58:18 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -12.708 X-Spam-Level: X-Spam-Status: No, score=-12.708 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DNS_FROM_RFC_DSN=1.495, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UxiaQ-tU0V0A for ; Thu, 19 Mar 2009 08:58:11 -0700 (PDT) Received: from BAJ3fe6.baj.pppool.de (BAJ3fe6.baj.pppool.de [77.137.63.230]) by core3.amsl.com (Postfix) with SMTP id 8EAEF28C102 for ; Thu, 19 Mar 2009 08:58:09 -0700 (PDT) To: dnsext-archive@ietf.org Subject: Make Her Go Wild in Bed From: "Manuela Hackett" X-Priority: 1 MIME-Version: 1.0 Content-Type: text/html; charset = "iso-8859-1" Content-Transfer-Encoding: 8bit Message-Id: <20090319155809.8EAEF28C102@core3.amsl.com> Date: Thu, 19 Mar 2009 08:58:09 -0700 (PDT)
18/18/09

CONVINCE HER TO EXPERIMENT MORE

If your wife or girlfriend just lies there during love and you want more action, first ask yourself: Is she loglike outside of the bedroom? Because if she doesn't exercise, stretch, dance—anything—it's going to take some effort to bring out her inner bunny.

Before she can enjoy your body, she has to start enjoying her own. Invite her to go hiking, or buy her a gift certificate for yoga classes. Anything that will get her blood flowing is likely to liven up her sexual M.O. by raising her confidence in her body.

If she's already active yet carnally comatose, try to reconnect with her in a sensual way. Suggest taking a long, soapy shower together or trading full-body rubdowns in bed, and lavish her body with attention. Nothing softens a woman up or turns her on like a little pampering.

Want to mix it up more? Even if she's not into role-playing or video cameras, there are plenty of prudish props that can mimic kink. Grab a spatula and offer to treat her like an omelet. Use a spray bottle to spritz her down.

Countless household items have kinky potential. The trick is to plant the object within reach (or coax her into finding new uses for the kitchen, laundry room, toolshed ...) and make your decision to bring it into play appear totally spontaneous.

xo,
Nicole Beland
The Men's Health Girl Next Door

   
COUPLES
Handle with Care


Avoid these relationship mistakes for more
DECODE HER
The Female Coregasm
Yes, it's true: Women can have great ending while working out
Demystify the coregasm

THE ABS DIET ONLINE
Flat, firm abs made easy
• Workouts designed to fit your schedule, your body, your goals
• Customizable meal plans and no-hassle shopping lists
• Killer tracking tools to chart your progress
• Endless food options (stuff you want to eat)
• Total flexibility: swap, delete or add foods/exercises to your program
Start now!
Click Here!


YOUR PRIVACY RIGHTS  |  CONTACT US  |  UNSUBSCRIBE

COPYRIGHT RODALE, INC. 2009
33 East Minor Street, Emmaus, PA 18098, Attn: Customer Service
From kinsei@1kg.jp Thu Mar 19 09:43:04 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5C5DF3A68BC for ; Thu, 19 Mar 2009 09:43:04 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -25.09 X-Spam-Level: X-Spam-Status: No, score=-25.09 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_RECV_BEZEQINT_B=0.763, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1FRqEyVXqocB for ; Thu, 19 Mar 2009 09:42:57 -0700 (PDT) Received: from bzq-82-81-0-12.red.bezeqint.net (bzq-82-81-0-12.red.bezeqint.net [82.81.0.12]) by core3.amsl.com (Postfix) with SMTP id 202CB3A6A41 for ; Thu, 19 Mar 2009 09:42:50 -0700 (PDT) To: Subject: Customer Receipt/Purchase Confirmation From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090319164252.202CB3A6A41@core3.amsl.com> Date: Thu, 19 Mar 2009 09:42:50 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From lloyd@africablue.co.za Thu Mar 19 19:37:22 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 32E0228C1B5 for ; Thu, 19 Mar 2009 19:37:22 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -7.285 X-Spam-Level: X-Spam-Status: No, score=-7.285 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_SE=0.35, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IYyU4Ja6mKSC for ; Thu, 19 Mar 2009 19:37:16 -0700 (PDT) Received: from host-80-252-185-192-cust.phoneranetworks.se (host-80-252-185-192-cust.phoneranetworks.se [80.252.185.192]) by core3.amsl.com (Postfix) with SMTP id 3214428C184 for ; Thu, 19 Mar 2009 19:37:14 -0700 (PDT) To: Subject: Order Shipped -- Order #15117 From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090320023715.3214428C184@core3.amsl.com> Date: Thu, 19 Mar 2009 19:37:14 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From sthcojuna@cosat.com Fri Mar 20 06:02:04 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CFE4D3A6C73; Fri, 20 Mar 2009 06:02:04 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -19.9 X-Spam-Level: X-Spam-Status: No, score=-19.9 tagged_above=-999 required=5 tests=[AWL=2.755, BAYES_99=3.5, HELO_DYNAMIC_HCC=4.295, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PRkZIGmuVaUm; Fri, 20 Mar 2009 06:02:04 -0700 (PDT) Received: from cpc3-rdng2-0-0-cust220.winn.cable.ntl.com (cpc3-rdng2-0-0-cust220.winn.cable.ntl.com [82.21.84.221]) by core3.amsl.com (Postfix) with SMTP id 04AFD3A6C6B; Fri, 20 Mar 2009 06:02:00 -0700 (PDT) To: "Wilford Taylor" Date: Fri, 20 Mar 2009 09:02:46 -0500 Subject: 15% off on two watches Message-ID: From: "Nickolas Zimmerman" Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Rod Looking for a Longines? How about getting two, one for you and one for your spouse? http://www.fowidudiy.cn With top notch customer service and super warranty, we stand behind our watches. http://www.fowidudiy.cn Our Longines have Weights/feels and looks exactly same as original. Sincerely, Mr Mcpherson From owner-namedroppers@ops.ietf.org Fri Mar 20 08:30:59 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E6C033A6BEB; Fri, 20 Mar 2009 08:30:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.202 X-Spam-Level: X-Spam-Status: No, score=-1.202 tagged_above=-999 required=5 tests=[AWL=-1.007, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KqYRm2r0mNJJ; Fri, 20 Mar 2009 08:30:59 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 16B223A67F5; Fri, 20 Mar 2009 08:30:59 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LkgZY-0002mm-BA for namedroppers-data0@psg.com; Fri, 20 Mar 2009 15:23:48 +0000 Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LkgZS-0002li-JR for namedroppers@ops.ietf.org; Fri, 20 Mar 2009 15:23:44 +0000 Received: from Puki.ogud.com (nyttbox.md.ogud.com [10.20.30.4]) by stora.ogud.com (8.14.3/8.14.3) with ESMTP id n2KFNdjj048413; Fri, 20 Mar 2009 11:23:39 -0400 (EDT) (envelope-from ogud@ogud.com) Message-Id: <200903201523.n2KFNdjj048413@stora.ogud.com> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Fri, 20 Mar 2009 11:23:32 -0400 To: =?iso-8859-1?Q?=D3lafur?= =?iso-8859-1?Q?_Gu=F0mundsson?= /DNSEXT chair , namedroppers@ops.ietf.org From: =?iso-8859-1?Q?=D3lafur?= =?iso-8859-1?Q?_Gu=F0mundsson?= /DNSEXT chair Subject: Re: [dnsext] WGLC: DNS Proxy Implementation Guidelines In-Reply-To: <200903122231.n2CMVjXB033807@stora.ogud.com> References: <200903122231.n2CMVjXB033807@stora.ogud.com> Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1"; format=flowed Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.64 on 66.92.146.20 Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Reminder, we still need more reviewers thanks. Olafur At 07:08 13/03/2009, =D3lafur Gu=F0mundsson /DNSEXT wrote: >This note starts a Working Group Last Call for this Standards Track= document >ending on midnight April 2'nd UTZ 2009. > >URL for the document and its history: >http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-dnsproxy/ > >We are planning to ask for publication as a BCP. We think that it does not >update any RFC. Some may think that the recommendations in the document >do in fact update a Standards Track document. If you believe that, >please tell us the specific text you think is problematic, and >what RFC it updates. > >Please read the document carefully, this is an important document that >the DNS community can use to improve the behavior of an important segment= of >the industry. > >The document process rules in this working group, require that at least >5 members of the working to state that they have reviewed the document >and there is consensus of support to publish it as a BCP. > >Notes: the final wording of section 4.5 will be=20 >determined during this last call. >Some issues have been raised about SHOULD/MUST language in there, see >http://ops.ietf.org/lists/namedroppers/namedroppers.2009/msg00289.html > > Olafur (for the chairs) -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From layne95@3vb.com Fri Mar 20 11:41:07 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A49EA3A6C7C for ; Fri, 20 Mar 2009 11:41:07 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -13.524 X-Spam-Level: X-Spam-Status: No, score=-13.524 tagged_above=-999 required=5 tests=[AWL=7.806, BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UlHsTDlhPRBu for ; Fri, 20 Mar 2009 11:40:56 -0700 (PDT) Received: from 95-42-215-117.btc-net.bg (95-42-215-117.btc-net.bg [95.42.215.117]) by core3.amsl.com (Postfix) with SMTP id 982253A699A for ; Fri, 20 Mar 2009 11:40:54 -0700 (PDT) To: Subject: Email Handling Opinion Needed From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090320184055.982253A699A@core3.amsl.com> Date: Fri, 20 Mar 2009 11:40:54 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From jph@ais.gp Fri Mar 20 12:18:08 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 73E353A67D1 for ; Fri, 20 Mar 2009 12:18:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.602 X-Spam-Level: X-Spam-Status: No, score=-14.602 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_EQ_DSL=1.129, HELO_EQ_PL=1.135, HOST_EQ_PL=1.95, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9Is9QdG9WQ08 for ; Fri, 20 Mar 2009 12:18:01 -0700 (PDT) Received: from ahk3.neoplus.adsl.tpnet.pl (ahk3.neoplus.adsl.tpnet.pl [83.25.192.3]) by core3.amsl.com (Postfix) with SMTP id 7B6E43A68FD for ; Fri, 20 Mar 2009 12:17:58 -0700 (PDT) To: Subject: Email Handling Opinion Needed From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090320191800.7B6E43A68FD@core3.amsl.com> Date: Fri, 20 Mar 2009 12:17:58 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From nclopez@citrofrut.com.mx Fri Mar 20 17:54:28 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6043E3A6767; Fri, 20 Mar 2009 17:54:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.957 X-Spam-Level: X-Spam-Status: No, score=-6.957 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, FRT_ROLEX=3.878, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_BR=0.955, HELO_EQ_DSL=1.129, HELO_EQ_TELESP=1.245, HOST_EQ_BR=1.295, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RDNS_DYNAMIC=0.1, SARE_RECV_SPAM_DOMN02=1.666, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d5fPoJHTqjId; Fri, 20 Mar 2009 17:54:27 -0700 (PDT) Received: from 189-19-148-67.dsl.telesp.net.br (189-19-148-67.dsl.telesp.net.br [189.19.148.67]) by core3.amsl.com (Postfix) with SMTP id 089553A68BD; Fri, 20 Mar 2009 17:54:09 -0700 (PDT) Message-ID: <765cc4519dhcwg-bounces@ietf.org> From: "Pat Calloway" To: "Tammy Lynch" X-Originating-IP: 81.196.128.209 by 252.40.253.12; Fri, 20 Mar 2009 22:49:55 -0300 Subject: Ro lex rep is a ultimate gift Date: Fri, 20 Mar 2009 20:54:55 -0500 Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Tammy Looking for a Omega watch that no one can tell from the original? You're in luck, because we have the best copies http://www.duqugosuj.cn Get two deeply discounted watches and take an extra 15% discount. http://www.duqugosuj.cn Our Omega have Weights/feels and looks exactly same as original. Sincerely, Mr Lynch From owens@ultrasis.com Sat Mar 21 01:36:16 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A941B3A685F; Sat, 21 Mar 2009 01:36:16 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -9.816 X-Spam-Level: X-Spam-Status: No, score=-9.816 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4ZyD2jgr18Qt; Sat, 21 Mar 2009 01:36:10 -0700 (PDT) Received: from 118-83-63-15.htoj.j-cnet.jp (118-83-63-15.htoj.j-cnet.jp [118.83.63.15]) by core3.amsl.com (Postfix) with SMTP id D11333A68DC; Sat, 21 Mar 2009 01:36:04 -0700 (PDT) From: "Diego Castillo" To: "Lula Cleveland" Message-ID: Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Date: Sat, 21 Mar 2009 04:36:51 -0500 Subject: The affordable watch alternative Hello Lina Winter is the time to get Omega watch, and the only place to get top notch watches that look and perform exactly like the originals is http://www.yolareqiw.cn The best news is that in March you can buy two watches and get an extra 15% off your purchase! http://www.yolareqiw.cn Our Omega have Weights/feels and looks exactly same as original. Sincerely, Mr Porter From lmccouryievm@aicins.com Sun Mar 22 08:42:35 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9DEB528C241 for ; Sun, 22 Mar 2009 08:42:35 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -39.515 X-Spam-Level: X-Spam-Status: No, score=-39.515 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id meG+NLpFBGF4 for ; Sun, 22 Mar 2009 08:42:34 -0700 (PDT) Received: from 050-059-stm.wpa.du.edu (050-059-stm.wpa.du.edu [130.253.50.59]) by core3.amsl.com (Postfix) with SMTP id B4C4228C236 for ; Sun, 22 Mar 2009 08:42:33 -0700 (PDT) To: " Date: Sun, 22 Mar 2009 08:42:33 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From britton@kingsofslow.com Sun Mar 22 11:30:30 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 085F23A6B12; Sun, 22 Mar 2009 11:30:30 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -25.858 X-Spam-Level: X-Spam-Status: No, score=-25.858 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_DE=0.35, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RDNS_DYNAMIC=0.1, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BBUsU3wZ3p-B; Sun, 22 Mar 2009 11:30:29 -0700 (PDT) Received: from HSI-KBW-078-043-097-008.hsi4.kabel-badenwuerttemberg.de (HSI-KBW-078-043-097-008.hsi4.kabel-badenwuerttemberg.de [78.43.97.8]) by core3.amsl.com (Postfix) with SMTP id D46B028C15E; Sun, 22 Mar 2009 11:30:21 -0700 (PDT) Message-ID: X-Originating-IP: 108.108.239.105 by 50.94.187.97; Sun, 22 Mar 2009 21:30:07 +0200 To: "Laurel Painter" From: "Dewey Plummer" Date: Sun, 22 Mar 2009 14:31:07 -0500 Subject: Longines watches wholesale all year long! Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Laurel How about buying yourself a two Patek Phillipe watches the same day? It's not impossible, mostly when you can get them for a couple hundred bucks http://www.oscaoica.cn With top notch customer service and super warranty, we stand behind our watches. http://www.oscaoica.cn Our Patek Phillipe watches have perfect weight and feel same as orginal. Sincerely, Mr Painter From smugism@ernet.in Sun Mar 22 16:43:30 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8D0163A67AD; Sun, 22 Mar 2009 16:43:30 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -22.604 X-Spam-Level: X-Spam-Status: No, score=-22.604 tagged_above=-999 required=5 tests=[BAYES_60=1, DNS_FROM_RFC_DSN=1.495, HELO_DYNAMIC_HCC=4.295, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QNqZjBxclLli; Sun, 22 Mar 2009 16:43:30 -0700 (PDT) Received: from cpc2-mfld11-0-0-cust278.nott.cable.ntl.com (cpc2-mfld11-0-0-cust278.nott.cable.ntl.com [86.15.197.23]) by core3.amsl.com (Postfix) with SMTP id A70343A6805; Sun, 22 Mar 2009 16:43:25 -0700 (PDT) Subject: Rep will save you thousands Message-ID: From: "Leigh Salazar" Content-Type: text/plain; Content-Transfer-Encoding: 7Bit To: "Albert Daly" Date: Sun, 22 Mar 2009 19:44:11 -0500 Hello Annie Looking for a Cartier watch that no one can tell from the original? You're in luck, because we have the best copies http://www.osaocaoa.cn Get two deeply discounted watches and take an extra 15% discount. http://www.osaocaoa.cn Our Cartier have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Logan From leazkigmvx@allen-group.com Sun Mar 22 16:53:17 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7D31D3A69A3 for ; Sun, 22 Mar 2009 16:53:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.014 X-Spam-Level: X-Spam-Status: No, score=-10.014 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DNS_FROM_OPENWHOIS=1.13, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cVnbpl1tomCu for ; Sun, 22 Mar 2009 16:53:17 -0700 (PDT) Received: from mvx-201-76-160-84.mundivox.com (mvx-201-76-160-84.mundivox.com [201.76.160.84]) by core3.amsl.com (Postfix) with SMTP id 4757C3A68AC for ; Sun, 22 Mar 2009 16:53:15 -0700 (PDT) To: Subject: Email Handling Opinion Needed From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html X-Antivirus: avast! (VPS 080930-0, 30/09/2008), Outbound message X-Antivirus-Status: Clean Message-Id: <20090322235316.4757C3A68AC@core3.amsl.com> Date: Sun, 22 Mar 2009 16:53:15 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From lbogav@123boutchou.com Sun Mar 22 21:06:51 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1D21C3A695E for ; Sun, 22 Mar 2009 21:06:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -51.667 X-Spam-Level: X-Spam-Status: No, score=-51.667 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DNS_FROM_RFC_BOGUSMX=1.482, FH_RELAY_NODNS=1.451, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id samlQKJE+luZ for ; Sun, 22 Mar 2009 21:06:50 -0700 (PDT) Received: from alumina.com.co (unknown [189.71.39.74]) by core3.amsl.com (Postfix) with SMTP id 605E23A6923 for ; Sun, 22 Mar 2009 21:06:45 -0700 (PDT) To: Subject: You've received an answer to your question From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090323040647.605E23A6923@core3.amsl.com> Date: Sun, 22 Mar 2009 21:06:45 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From molly_vm_viola@aace.com Mon Mar 23 03:33:30 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F10CA3A6A00 for ; Mon, 23 Mar 2009 03:33:30 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.366 X-Spam-Level: X-Spam-Status: No, score=-4.366 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fSm7qJ5wSTDc for ; Mon, 23 Mar 2009 03:33:30 -0700 (PDT) Received: from 74-233-113-92.pool.ukrtel.net (74-233-113-92.pool.ukrtel.net [92.113.233.74]) by core3.amsl.com (Postfix) with SMTP id 9E6763A6801 for ; Mon, 23 Mar 2009 03:33:26 -0700 (PDT) To: Subject: You've received an answer to your question From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090323103327.9E6763A6801@core3.amsl.com> Date: Mon, 23 Mar 2009 03:33:26 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From jewo1@almouwasattrvl.com Mon Mar 23 04:42:29 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A32833A6AD3 for ; Mon, 23 Mar 2009 04:42:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -16.107 X-Spam-Level: X-Spam-Status: No, score=-16.107 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DNS_FROM_RFC_BOGUSMX=1.482, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3cQBDKOoG2+h for ; Mon, 23 Mar 2009 04:42:28 -0700 (PDT) Received: from 3drealms.com (unknown [187.14.13.18]) by core3.amsl.com (Postfix) with SMTP id D63CD3A6AC3 for ; Mon, 23 Mar 2009 04:42:25 -0700 (PDT) To: Subject: Sales Receipt Amazon From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090323114226.D63CD3A6AC3@core3.amsl.com> Date: Mon, 23 Mar 2009 04:42:25 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From shoudashelt@bankofthewest.com Mon Mar 23 05:11:45 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DDCD63A6BF6; Mon, 23 Mar 2009 05:11:45 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -39.186 X-Spam-Level: X-Spam-Status: No, score=-39.186 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HELO_DYNAMIC_HCC=4.295, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1twj+rxx1Brs; Mon, 23 Mar 2009 05:11:45 -0700 (PDT) Received: from cpc3-linc1-0-0-cust420.nott.cable.ntl.com (cpc3-linc1-0-0-cust420.nott.cable.ntl.com [86.13.169.165]) by core3.amsl.com (Postfix) with SMTP id 230673A67F7; Mon, 23 Mar 2009 05:11:36 -0700 (PDT) To: "Amie Lloyd" Date: Mon, 23 Mar 2009 08:12:23 -0500 Subject: Trim line or sport watch? You choose Message-ID: From: "Kathie Walton" Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Amie I had never seen such beautiful and greatly-performing watches like the ones I found online at http://www.osaoa.cn Get two deeply discounted watches and take an extra 15% discount. http://www.osaoa.cn Our Gucci have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Lloyd From owner-namedroppers@ops.ietf.org Mon Mar 23 07:24:06 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ED6993A6B57; Mon, 23 Mar 2009 07:24:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.431 X-Spam-Level: X-Spam-Status: No, score=-102.431 tagged_above=-999 required=5 tests=[AWL=0.169, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X96lfOd3OVLW; Mon, 23 Mar 2009 07:24:06 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 0A4783A6B24; Mon, 23 Mar 2009 07:24:06 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LlkwY-000KFh-SZ for namedroppers-data0@psg.com; Mon, 23 Mar 2009 14:15:58 +0000 Received: from [2001:1890:1112:1::20] (helo=mail.ietf.org) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LlkwT-000KEV-4U for namedroppers@ops.ietf.org; Mon, 23 Mar 2009 14:15:56 +0000 Received: by core3.amsl.com (Postfix, from userid 0) id C573328C0FD; Mon, 23 Mar 2009 07:15:01 -0700 (PDT) From: Internet-Drafts@ietf.org To: i-d-announce@ietf.org Cc: namedroppers@ops.ietf.org Subject: [dnsext] I-D Action:draft-ietf-dnsext-dnssec-rsasha256-12.txt Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 Message-Id: <20090323141501.C573328C0FD@core3.amsl.com> Date: Mon, 23 Mar 2009 07:15:01 -0700 (PDT) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the DNS Extensions Working Group of the IETF. Title : Use of SHA-2 algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC Author(s) : J. Jansen Filename : draft-ietf-dnsext-dnssec-rsasha256-12.txt Pages : 8 Date : 2009-03-23 This document describes how to produce RSA/SHA-256 and RSA/SHA-512 DNSKEY and RRSIG resource records for use in the Domain Name System Security Extensions (DNSSEC, RFC 4033, RFC 4034, and RFC 4035). A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnssec-rsasha256-12.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Message/External-body; name="draft-ietf-dnsext-dnssec-rsasha256-12.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2009-03-23070109.I-D@ietf.org> --NextPart-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Mon Mar 23 07:50:10 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 10A3D3A6A8E; Mon, 23 Mar 2009 07:50:10 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0ApOxMh+ciVR; Mon, 23 Mar 2009 07:50:09 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id E60FB3A67DD; Mon, 23 Mar 2009 07:50:08 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LllP2-000MRi-4z for namedroppers-data0@psg.com; Mon, 23 Mar 2009 14:45:24 +0000 Received: from [2001:7b8:206:1::1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LllOw-000MRD-3C for namedroppers@ops.ietf.org; Mon, 23 Mar 2009 14:45:21 +0000 Received: from [213.154.224.70] (dhcp-07.nlnetlabs.nl [213.154.224.70]) (authenticated bits=0) by open.nlnetlabs.nl (8.14.3/8.14.3) with ESMTP id n2NEjBbo002261 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 23 Mar 2009 15:45:12 +0100 (CET) (envelope-from jelte@NLnetLabs.nl) Message-ID: <49C7A077.20108@NLnetLabs.nl> Date: Mon, 23 Mar 2009 15:45:11 +0100 From: Jelte Jansen User-Agent: Thunderbird 2.0.0.21 (X11/20090318) MIME-Version: 1.0 To: namedroppers@ops.ietf.org Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-dnssec-rsasha256-12.txt References: <20090323141501.C573328C0FD@core3.amsl.com> In-Reply-To: <20090323141501.C573328C0FD@core3.amsl.com> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0.1 (open.nlnetlabs.nl [213.154.224.1]); Mon, 23 Mar 2009 15:45:12 +0100 (CET) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Internet-Drafts@ietf.org wrote: > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the DNS Extensions Working Group of the IETF. > > > Title : Use of SHA-2 algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC > Author(s) : J. Jansen > Filename : draft-ietf-dnsext-dnssec-rsasha256-12.txt > Pages : 8 just a minor update, i've followed Micheal StJohn's suggestion on the Transaction security issue raised by Ed, and fixed some consistensy issues noted by Alfred. Full wdiff: http://www.nlnetlabs.nl/downloads/publications/draft-ietf-dnsext-dnssec-rsasha256-wdiff-11-12.html Jelte -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknHoHYACgkQ4nZCKsdOncWReQCgp1Y22oJtXWMfCc7wrOUGMMev kBMAmwVOtwKntfqrZ5H4TwdCbtJ3pJfT =QGh3 -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From lwilliams@adventisthealthcare.com Mon Mar 23 09:26:45 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 28EDD3A6B6C for ; Mon, 23 Mar 2009 09:26:45 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.77 X-Spam-Level: X-Spam-Status: No, score=-14.77 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_EQ_JP=1.244, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HLxFw3BDZZV8 for ; Mon, 23 Mar 2009 09:26:39 -0700 (PDT) Received: from agc.co.jp (unknown [81.213.153.172]) by core3.amsl.com (Postfix) with SMTP id 4F3C53A68E5 for ; Mon, 23 Mar 2009 09:26:33 -0700 (PDT) To: Subject: Sales Receipt Amazon From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090323162636.4F3C53A68E5@core3.amsl.com> Date: Mon, 23 Mar 2009 09:26:33 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From owner-namedroppers@ops.ietf.org Mon Mar 23 10:01:42 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5B5A428C1FE; Mon, 23 Mar 2009 10:01:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.163 X-Spam-Level: X-Spam-Status: No, score=0.163 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, J_CHICKENPOX_33=0.6, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DDdghzExbtz9; Mon, 23 Mar 2009 10:01:41 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 6139928C1F4; Mon, 23 Mar 2009 10:01:41 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LlnRl-0007CL-4V for namedroppers-data0@psg.com; Mon, 23 Mar 2009 16:56:21 +0000 Received: from [76.96.62.40] (helo=QMTA04.westchester.pa.mail.comcast.net) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LlnRg-0007Bs-Bg for namedroppers@ops.ietf.org; Mon, 23 Mar 2009 16:56:18 +0000 Received: from OMTA01.westchester.pa.mail.comcast.net ([76.96.62.11]) by QMTA04.westchester.pa.mail.comcast.net with comcast id Wb4s1b0050EZKEL54gwE8i; Mon, 23 Mar 2009 16:56:14 +0000 Received: from MIKES-LAPTOM.comcast.net ([130.129.18.147]) by OMTA01.westchester.pa.mail.comcast.net with comcast id Wgw11b00X3APSYa3Mgw499; Mon, 23 Mar 2009 16:56:12 +0000 X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Mon, 23 Mar 2009 12:56:02 -0400 To: cet1@cam.ac.uk,Paul Hoffman From: Michael StJohns Subject: Re: [dnsext] question on RFC 5011, section 2.4.3 Cc: namedroppers@ops.ietf.org In-Reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Message-Id: At 09:17 PM 3/13/2009, Chris Thompson wrote: >On Mar 13 2009, Paul Hoffman wrote: > >>At 6:17 PM -0400 3/13/09, Michael StJohns wrote: >[...] >>>One of the anti-downgrade "policies" which is somewhere in the pile of >>>accepted wisdom for DNSSEC says >> >>That does not sound like a good way to run the system we claim will help >>secure the DNS. >> >>>that a "zone" must be signed (e.g. all the RRSets in the zone must be signed) with at least one key per each key algorithm present in the apex >>>DNSKEY rrset. E.g. if the apex RRSet has 5 SHA1RSA keys, it only needs to be signed once, but if the apex set has 2 SHA1RSA keys, an SHA256RSA key and 4 ECP256SHA256 (as yet undefined) keys, each RRSet would need at >>>least 3 signatures. Shorthand for that in discussions has always been "signed by the algorithm". >> >>I would want to see that written down someplace. It seems like a bad design. > >RFC 4035, end of section 2.2: > > There MUST be an RRSIG for each RRset using at least one DNSKEY of > each algorithm in the zone apex DNSKEY RRset. The apex DNSKEY RRset > itself MUST be signed by each algorithm appearing in the DS RRset > located at the delegating parent (if any). > >I don't see why Michael had to call it "accepted wisdom", when it is >in fact "published wisdom"! It's accepted wisdom that this (what's written down) must be done for anti-downgrade. Or at least anti-downgrade was the reason I was given for the requirement stated above. But I don't think that reasoning is anywhere in the spec. Sorry for not being more clear. Mike >-- >Chris Thompson >Email: cet1@cam.ac.uk > > >-- >to unsubscribe send a message to namedroppers-request@ops.ietf.org with >the word 'unsubscribe' in a single line as the message text body. >archive: -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From muramkwsmdih@amkwsm.com Mon Mar 23 10:20:46 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9A0633A6A35 for ; Mon, 23 Mar 2009 10:20:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -53.01 X-Spam-Level: X-Spam-Status: No, score=-53.01 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_EQ_HU=1.35, HOST_EQ_HU=1.245, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ClTZXWQX7I6I for ; Mon, 23 Mar 2009 10:20:39 -0700 (PDT) Received: from core0.goodnet.hu (core0.goodnet.hu [91.82.72.57]) by core3.amsl.com (Postfix) with SMTP id 947143A67E7 for ; Mon, 23 Mar 2009 10:20:37 -0700 (PDT) To: Subject: Sales Receipt Amazon From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090323172038.947143A67E7@core3.amsl.com> Date: Mon, 23 Mar 2009 10:20:37 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From wilma@beijen.nl Mon Mar 23 11:17:40 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B29A63A6B18; Mon, 23 Mar 2009 11:17:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.406 X-Spam-Level: X-Spam-Status: No, score=-14.406 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_DYNAMIC=1.144, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T-OMJRH3bW1A; Mon, 23 Mar 2009 11:17:40 -0700 (PDT) Received: from 89-186-159-164.dynamic.primacom.net (89-186-159-164.dynamic.primacom.net [89.186.159.164]) by core3.amsl.com (Postfix) with SMTP id 60F1C3A6C32; Mon, 23 Mar 2009 11:17:34 -0700 (PDT) X-Originating-IP: 185.195.234.164 by 128.190.180.118; Mon, 23 Mar 2009 22:13:21 +0300 Message-ID: To: "Elvira Stiles" From: "Dominique Stanton" Subject: Save thousands... no one will know Date: Mon, 23 Mar 2009 14:18:21 -0500 Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Jimmy If you've waited to get your Gucci watch, this is the right time to go for it. http://www.osaooai.cn Get two deeply discounted watches and take an extra 15% discount. http://www.osaooai.cn Our Gucci have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Honeycutt From lecytqu@alt253.com Mon Mar 23 12:48:35 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1C7F43A69F7 for ; Mon, 23 Mar 2009 12:48:35 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -12.596 X-Spam-Level: X-Spam-Status: No, score=-12.596 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OPjthykDMutr for ; Mon, 23 Mar 2009 12:48:28 -0700 (PDT) Received: from aaeon.com (unknown [186.80.144.30]) by core3.amsl.com (Postfix) with SMTP id F09903A69A3 for ; Mon, 23 Mar 2009 12:48:26 -0700 (PDT) To: Subject: Email Handling Opinion Needed From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090323194826.F09903A69A3@core3.amsl.com> Date: Mon, 23 Mar 2009 12:48:26 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From observing@a54321.com Mon Mar 23 14:45:46 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 10F363A69A9 for ; Mon, 23 Mar 2009 14:45:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -22.799 X-Spam-Level: X-Spam-Status: No, score=-22.799 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_EQ_MY=0.35, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pRdtUmxuCt+n for ; Mon, 23 Mar 2009 14:45:39 -0700 (PDT) Received: from agc.gov.my (unknown [88.226.228.119]) by core3.amsl.com (Postfix) with SMTP id C65F23A69FA for ; Mon, 23 Mar 2009 14:45:34 -0700 (PDT) To: Subject: Sales Receipt Amazon From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090323214536.C65F23A69FA@core3.amsl.com> Date: Mon, 23 Mar 2009 14:45:34 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From josepsarle.fimarge@andorra.ad Mon Mar 23 23:53:58 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7BCAA3A6A24 for ; Mon, 23 Mar 2009 23:53:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -15.403 X-Spam-Level: X-Spam-Status: No, score=-15.403 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oIlcHVMNg96i for ; Mon, 23 Mar 2009 23:53:51 -0700 (PDT) Received: from aitlbd.net (unknown [77.124.232.148]) by core3.amsl.com (Postfix) with SMTP id 93F6A3A6A80 for ; Mon, 23 Mar 2009 23:53:47 -0700 (PDT) To: Subject: Email Handling Opinion Needed From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090324065348.93F6A3A6A80@core3.amsl.com> Date: Mon, 23 Mar 2009 23:53:47 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From oteuwissen@amphia.nl Tue Mar 24 05:07:23 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C25D03A6C75 for ; Tue, 24 Mar 2009 05:07:23 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -16.654 X-Spam-Level: X-Spam-Status: No, score=-16.654 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ICs-M1Q6PDDC for ; Tue, 24 Mar 2009 05:07:16 -0700 (PDT) Received: from aag.org (unknown [81.213.255.102]) by core3.amsl.com (Postfix) with SMTP id 6753A3A6CF8 for ; Tue, 24 Mar 2009 05:07:11 -0700 (PDT) To: Subject: Sales Order walmart.com From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090324120713.6753A3A6CF8@core3.amsl.com> Date: Tue, 24 Mar 2009 05:07:11 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From majordomo@alhambradigital.com Tue Mar 24 05:18:05 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6DEF428C10B for ; Tue, 24 Mar 2009 05:18:05 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -16.654 X-Spam-Level: X-Spam-Status: No, score=-16.654 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 01yyYJeylf4v for ; Tue, 24 Mar 2009 05:18:05 -0700 (PDT) Received: from 189-47-193-158.dsl.telesp.net.br (189-47-193-158.dsl.telesp.net.br [189.47.193.158]) by core3.amsl.com (Postfix) with SMTP id 2B0EC3A6996 for ; Tue, 24 Mar 2009 05:18:02 -0700 (PDT) To: Subject: Customer Receipt/Purchase Confirmation From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090324121804.2B0EC3A6996@core3.amsl.com> Date: Tue, 24 Mar 2009 05:18:02 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From jeanne.price@aeat-qsa.com Tue Mar 24 09:51:02 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BE37128C2F0 for ; Tue, 24 Mar 2009 09:51:02 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.314 X-Spam-Level: X-Spam-Status: No, score=-5.314 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_BR=0.955, HELO_EQ_DSL=1.129, HELO_EQ_TELESP=1.245, HOST_EQ_BR=1.295, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RDNS_DYNAMIC=0.1, SARE_RECV_SPAM_DOMN02=1.666, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id muEaKQAggER6 for ; Tue, 24 Mar 2009 09:51:01 -0700 (PDT) Received: from 201-92-128-156.dsl.telesp.net.br (201-92-128-156.dsl.telesp.net.br [201.92.128.156]) by core3.amsl.com (Postfix) with SMTP id 4A8EE28C2FA for ; Tue, 24 Mar 2009 09:50:59 -0700 (PDT) To: Subject: Customer Receipt/Purchase Confirmation From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090324165100.4A8EE28C2FA@core3.amsl.com> Date: Tue, 24 Mar 2009 09:50:59 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

A? 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From langley@alro.com Tue Mar 24 10:32:05 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D042E28C25A for ; Tue, 24 Mar 2009 10:32:05 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -9.086 X-Spam-Level: X-Spam-Status: No, score=-9.086 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_DYNAMIC_SPLIT_IP=3.493, HELO_EQ_DYNAMIC=1.144, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wILFMXM7EV4n for ; Tue, 24 Mar 2009 10:32:05 -0700 (PDT) Received: from 191.pool85-50-131.dynamic.orange.es (191.pool85-50-131.dynamic.orange.es [85.50.131.191]) by core3.amsl.com (Postfix) with SMTP id DD0EC28C2EB for ; Tue, 24 Mar 2009 10:31:59 -0700 (PDT) To: Subject: Re: Discount code #68992 From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090324173159.DD0EC28C2EB@core3.amsl.com> Date: Tue, 24 Mar 2009 10:31:59 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From owner-namedroppers@ops.ietf.org Tue Mar 24 12:41:30 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 653D128C0E2; Tue, 24 Mar 2009 12:41:30 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 4.67 X-Spam-Level: **** X-Spam-Status: No, score=4.67 tagged_above=-999 required=5 tests=[AWL=-2.480, BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, FH_RELAY_NODNS=1.451, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, J_CHICKENPOX_17=0.6, MANGLED_LIST=2.3, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Djw56gbAVpFM; Tue, 24 Mar 2009 12:41:29 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 2598E28C0DC; Tue, 24 Mar 2009 12:41:28 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmCMJ-0000Ew-7a for namedroppers-data0@psg.com; Tue, 24 Mar 2009 19:32:23 +0000 Received: from [213.178.172.147] (helo=WOTAN.TR-Sys.de) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmCMC-0000EQ-Pb for namedroppers@ops.ietf.org; Tue, 24 Mar 2009 19:32:20 +0000 Received: from ZEUS.TR-Sys.de by w. with ESMTP ($Revision: 1.37.109.26 $/16.3) id AA065833011; Tue, 24 Mar 2009 20:30:11 +0100 Received: (from ah@localhost) by z.TR-Sys.de (8.9.3 (PHNE_25183)/8.7.3) id UAA06541; Tue, 24 Mar 2009 20:30:10 +0100 (MEZ) From: Alfred =?hp-roman8?B?SM5uZXM=?= Message-Id: <200903241930.UAA06541@TR-Sys.de> Subject: [dnsext] draft-wijngaards-dnsext-trust-history-02 To: wouter@nlnetlabs.nl Date: Tue, 24 Mar 2009 20:30:09 +0100 (MEZ) Cc: namedroppers@ops.ietf.org X-Mailer: ELM [$Revision: 1.17.214.3 $] Mime-Version: 1.0 Content-Type: text/plain; charset=hp-roman8 Content-Transfer-Encoding: 8bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Hello again, I have studied the new version of your "DNSSEC Trust Anchor History Service" proposal, draft-wijngaards-dnsext-trust-history-02, and would like to submit a few comments. First of all, the simplification achieved is astonishing and convincing at once! In fact, without any protocol additions, the new proposal could be ready for use immediately. However, I have a multi-faced proposal for making the structure of history zones a bit more regular and intuitive. The use of two PTR RRs at the zone apex with the awkward collation boundary condition seems to be unfortunate and sub-optimally structured. I suggest to use two reserved labels for the 'head' and 'tail' pointers of the history list, for instance, in the example in Section 4: $ORIGIN tuhi.example.com. | @ PTR h0 | @ PTR h2 --- $ORIGIN tuhi.example.com. | _adam_ PTR h0 ; pointer to most ancient data set | _curr_ PTR h2 ; pointer to most recent data set The labels used here are only examples; any other reasonably mnemonical labels not colliding with commonly used DNS labels will do, but they should be specified. In your proposal, the numbering scheme ("h%d") for the list entries needs to be monotonically increasing solely for the purpose of distinguishing the two "anchors" in a common RRset and has no additional semantics; otherwise, it is only guiding a human reader of the zone data. With the distinct anchors, the former reason no more pertains; using short labels of limited and equal length might then be of benefit as well. Indeed, with the reserved "anchor" labels, it would become possible to use "serial number arithmetics" of a finite length, for instance (if it is intended to allow up to 999 entries) by using 3-digit values (including leading zeros) for "%d"; one single 'gap' is left unused in stable conditions, but can be used to reduce the need for a specific order of the dynamic update operations. The assignment procedure to obtain a "new number" would be instantiated in this case to: "increment the number found in the _curr_ PTR target, modulo 1000". The actual number of digits used could be a deployment decision (per trust history zone). The wraparound would not make any problems due to the fact that the two "anchors" are distinguished by their name and no more by content (within a single RRset). Here are a few editorials I have observed. (1) Section 1, 1st para: s/of/or/ DNSSEC [RFC4034] validators that have been offline of have missed ... --- v DNSSEC [RFC4034] validators that have been offline or have missed ... (2) Section 3, 2nd para The darft says: Copy the newly polled DNSKEY RRset and RRSIGs, change the owner name | to "h%d.example" or similar. With %d a new number, and .example the | history location. Publish the new RRset. Publish PTR records that link list elements. Update PTR records for the list start and end. The 2nd sentence apparently is incomplete. How about this update: Copy the newly polled DNSKEY RRset and RRSIGs, change the owner name | to "h%d.example" or similar, with "%d" replaced by a new number, and | ".example" replaced by the history location. Publish the new RRset. Publish PTR records that link list elements. Update PTR records for the list start and end. (3) Section 3, 3rd para Please insert the missing articles, and adjust the punctuation: The list is a double linked list, because this empowers low memory hosts to perform consistency checks. Thus if there is x.example PTR | y.example then there MUST be y.example PTR x.example. Except at | start and end of list. --- The list is a double linked list, because this empowers low memory hosts to perform consistency checks. Thus if there is x.example PTR | y.example then there MUST be y.example PTR x.example, except at the | start and end of the list. ^^^^^ ^^^ ^^^^ Kind regards, Alfred HÎnes. -- +------------------------+--------------------------------------------+ | TR-Sys Alfred Hoenes | Alfred Hoenes Dipl.-Math., Dipl.-Phys. | | Gerlinger Strasse 12 | Phone: (+49)7156/9635-0, Fax: -18 | | D-71254 Ditzingen | E-Mail: ah@TR-Sys.de | +------------------------+--------------------------------------------+ -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From michelle@aceway.com.tw Tue Mar 24 13:34:40 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 12C6728C16B for ; Tue, 24 Mar 2009 13:34:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -17.292 X-Spam-Level: X-Spam-Status: No, score=-17.292 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_DYNAMIC_HCC=4.295, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WzVw7TONqwC3 for ; Tue, 24 Mar 2009 13:34:39 -0700 (PDT) Received: from cpc1-scun3-0-0-cust923.nott.cable.ntl.com (cpc1-scun3-0-0-cust923.nott.cable.ntl.com [82.12.83.156]) by core3.amsl.com (Postfix) with SMTP id CCB8128C10B for ; Tue, 24 Mar 2009 13:34:35 -0700 (PDT) To: Subject: Customer Receipt/Purchase Confirmation From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090324203436.CCB8128C10B@core3.amsl.com> Date: Tue, 24 Mar 2009 13:34:35 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From eriks@colheli.com Tue Mar 24 15:33:53 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8D3663A6BA0; Tue, 24 Mar 2009 15:33:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -58.367 X-Spam-Level: X-Spam-Status: No, score=-58.367 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HOST_EQ_D_D_D_D=0.765, HELO_DYNAMIC_DHCP=1.398, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1n8vRH3fZqqF; Tue, 24 Mar 2009 15:33:52 -0700 (PDT) Received: from DHCP-57.64-179-147.iw.net (DHCP-57.64-179-147.iw.net [64.179.147.57]) by core3.amsl.com (Postfix) with SMTP id 5AEC23A69ED; Tue, 24 Mar 2009 15:33:48 -0700 (PDT) From: "Mollie Davies" To: "Althea Schmitz" Subject: Inexpensive Breitling watches Date: Tue, 24 Mar 2009 18:34:37 -0500 Message-ID: <364Nyefp.r4590C7534dhcwg-bounces@ietf.org> Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Hello Althea Winter is the time to get Patek Phillipe watch, and the only place to get top notch watches that look and perform exactly like the originals is http://king6237.hostbot.com Take an extra 15% off your purchase during month of March. http://king6237.hostbot.com Our Patek Phillipe have Weights/feels and looks exactly same as original. Sincerely, Mr Schmitz From kishidd@360.cc Tue Mar 24 23:14:43 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 954EC3A6C1C for ; Tue, 24 Mar 2009 23:14:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -11.257 X-Spam-Level: X-Spam-Status: No, score=-11.257 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_EQ_BR=0.955, HOST_EQ_BR=1.295, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, SARE_RECV_VIRTUACOMBR=1.193, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hYLoMpV2ncgl for ; Tue, 24 Mar 2009 23:14:42 -0700 (PDT) Received: from c9515fd1.virtua.com.br (c9515fd1.virtua.com.br [201.81.95.209]) by core3.amsl.com (Postfix) with SMTP id 2B7D93A6BB3 for ; Tue, 24 Mar 2009 23:14:40 -0700 (PDT) To: Subject: Order Shipped -- Order #44211 From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090325061441.2B7D93A6BB3@core3.amsl.com> Date: Tue, 24 Mar 2009 23:14:40 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From owner-namedroppers@ops.ietf.org Wed Mar 25 03:01:43 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6093628C0D7; Wed, 25 Mar 2009 03:01:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -103.552 X-Spam-Level: X-Spam-Status: No, score=-103.552 tagged_above=-999 required=5 tests=[AWL=-1.603, BAYES_00=-2.599, HELO_EQ_FR=0.35, MIME_8BIT_HEADER=0.3, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cj4Fc6tc6aaY; Wed, 25 Mar 2009 03:01:42 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 96CEC3A68D4; Wed, 25 Mar 2009 03:01:42 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmPoi-0001pk-PS for namedroppers-data0@psg.com; Wed, 25 Mar 2009 09:54:36 +0000 Received: from [2001:660:3003:2::4:11] (helo=mx2.nic.fr) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmPoc-0001pF-Pf for namedroppers@ops.ietf.org; Wed, 25 Mar 2009 09:54:33 +0000 Received: from mx2.nic.fr (localhost [127.0.0.1]) by mx2.nic.fr (Postfix) with SMTP id 7E8991C014A; Wed, 25 Mar 2009 10:54:29 +0100 (CET) Received: from relay2.nic.fr (relay2.nic.fr [192.134.4.163]) by mx2.nic.fr (Postfix) with ESMTP id 795141C002A; Wed, 25 Mar 2009 10:54:29 +0100 (CET) Received: from bortzmeyer.nic.fr (batilda.nic.fr [192.134.4.69]) by relay2.nic.fr (Postfix) with ESMTP id 76B9A7B003A; Wed, 25 Mar 2009 10:54:29 +0100 (CET) Date: Wed, 25 Mar 2009 10:54:29 +0100 From: Stephane Bortzmeyer To: =?iso-8859-1?Q?=D3lafur_Gu=F0mundsson?= /DNSEXT chair Cc: namedroppers@ops.ietf.org Subject: [dnsext] Re: WGLC: DNS Proxy Implementation Guidelines Message-ID: <20090325095429.GA19061@nic.fr> References: <200903122231.n2CMVjXB033807@stora.ogud.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="cNdxnHkX5QqsyA0e" Content-Disposition: inline In-Reply-To: <200903122231.n2CMVjXB033807@stora.ogud.com> X-Operating-System: Debian GNU/Linux 5.0 X-Kernel: Linux 2.6.26-1-686 i686 Organization: NIC France X-URL: http://www.nic.fr/ User-Agent: Mutt/1.5.18 (2008-05-17) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --cNdxnHkX5QqsyA0e Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Mar 12, 2009 at 06:21:50PM -0400, =D3lafur Gu=F0mundsson /DNSEXT chair wrote=20 a message of 81 lines which said: > Please read the document carefully, this is an important document that > the DNS community can use to improve the behavior of an important segment= of > the industry. I have read (seriously, I believe), the document, and I do not have specific typos to fix or technical changes to make. I regret that it seems to acknowledge the idea of "DNS proxies", things which are not real proxies (like a BIND or Unbound configured with forwarders are) but neither real and (transparent to DNS) routers. The middleboxes mentioned in the document seem to me to be real hacks and their usage should be discouraged. Section 3 is far =66rom perfect in that respect. But I understand that there is a big problem today with broken proxies and, should we have these hacks, it is better to have them behave not too badly.=20 Therefore, publication of this document seems OK to me. Without the last paragraph of 5.3, I would have hesitated a lot. --cNdxnHkX5QqsyA0e Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFJyf9VQTZHl5fW0kYRAhmOAKCFYFkYyeBJstCedK0BXUuDgLPKEACfWDd5 04yIuHHNxinVNuAaJdd5dEo= =H7Fq -----END PGP SIGNATURE----- --cNdxnHkX5QqsyA0e-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 25 03:02:19 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ADC1328C0DB; Wed, 25 Mar 2009 03:02:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.25 X-Spam-Level: X-Spam-Status: No, score=0.25 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_EQ_NL=0.55, HELO_MISMATCH_NL=1.448, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HBzOziH4WTmJ; Wed, 25 Mar 2009 03:02:18 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 98D5828C0D7; Wed, 25 Mar 2009 03:02:18 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmPsX-0002Bm-Mc for namedroppers-data0@psg.com; Wed, 25 Mar 2009 09:58:33 +0000 Received: from [85.17.178.138] (helo=rotring.dds.nl) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmPsL-000299-NE for namedroppers@ops.ietf.org; Wed, 25 Mar 2009 09:58:30 +0000 Received: from localhost (localhost [127.0.0.1]) by rotring.dds.nl (Postfix) with ESMTP id 01A5F272D4D; Wed, 25 Mar 2009 10:58:21 +0100 (CET) Received: from [192.168.254.3] (unknown [195.241.9.117]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by rotring.dds.nl (Postfix) with ESMTP id 77F34272C9B; Wed, 25 Mar 2009 10:58:14 +0100 (CET) Message-ID: <49CA0036.4080007@nlnetlabs.nl> Date: Wed, 25 Mar 2009 10:58:14 +0100 From: "W.C.A. Wijngaards" User-Agent: Thunderbird 2.0.0.21 (X11/20090320) MIME-Version: 1.0 To: =?UTF-8?B?QWxmcmVkIO+/vQ==?= CC: namedroppers@ops.ietf.org Subject: Re: [dnsext] draft-wijngaards-dnsext-trust-history-02 References: <200903241930.UAA06541@TR-Sys.de> In-Reply-To: <200903241930.UAA06541@TR-Sys.de> X-Enigmail-Version: 0.95.7 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Virus-Scanned: ClamAV 0.94.2/9164/Wed Mar 25 05:02:31 2009 on rotring X-Virus-Status: Clean Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Alfred, Alfred � wrote: > First of all, the simplification achieved is astonishing and > convincing at once! In fact, without any protocol additions, > the new proposal could be ready for use immediately. Thank you, I tried to make it very short and easy. In fact, since the zone operator cooperation is not required (no special delays or REVOKE), it can be used on any signed zone right away. > I suggest to use two reserved labels for the 'head' and 'tail' > pointers of the history list, for instance, in the example > in Section 4: Great idea. _tuhihead and _tuhitail are good I think. > In your proposal, the numbering scheme ("h%d") for the list entries > needs to be monotonically increasing solely for the purpose of > distinguishing the two "anchors" in a common RRset and has no > additional semantics; otherwise, it is only guiding a human reader > of the zone data. With the distinct anchors, the former reason no > more pertains; using short labels of limited and equal length might > then be of benefit as well. ... > The wraparound would not make any problems due to the fact that > the two "anchors" are distinguished by their name and no more > by content (within a single RRset). Perhaps, I had better note that the storage names can be chosen by the provider at will. So that "h%d" becomes a suggestion. And providers can use dates or a rolling modulo 3-digit number if they want to. Because this keeps the draft short, long ones make the sleepy dnsext group snore more :-) Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAknKADUACgkQkDLqNwOhpPjsmwCdFSqLYQ5E8Ltkk7aEFudQl6xt vHAAoIBP60zRKK+Yf4+yxkNUXHBBTmdZ =4wZC -----END PGP SIGNATURE----- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 25 03:15:28 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0EA6E3A679F; Wed, 25 Mar 2009 03:15:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.83 X-Spam-Level: X-Spam-Status: No, score=-0.83 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_AT=0.424, HOST_EQ_AT=0.745, J_CHICKENPOX_91=0.6] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y4Fmd1wQeFxu; Wed, 25 Mar 2009 03:15:27 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 145F83A63C9; Wed, 25 Mar 2009 03:15:27 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmQ2y-0003Fw-69 for namedroppers-data0@psg.com; Wed, 25 Mar 2009 10:09:20 +0000 Received: from [2001:62a:4:25::25:115] (helo=grace.univie.ac.at) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmQ2r-0003FF-5Q for namedroppers@ops.ietf.org; Wed, 25 Mar 2009 10:09:17 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=univie.ac.at; s=rev1; h=Message-ID:Date:From:MIME-Version:To: CC:Subject:References:In-Reply-To:Content-Type; bh=Tqu0rKizLdqgI MFO64+sJlfqYkwjGizMf9Hh/Q5BWlg=; b=Q+M+FPGPAy4iyS1R2MZuHv6Ihohgw X3BfR3yJfrb320P4TCwpCaZv8ipFefgw5GLudbNWIBALW4uVgEXXxhz3x/NywVG0 lxSNpyUFOm9rj1bL7gEnNE6BLnYTTjLJT2t+VPR2nHgN658Ez7q8T8mKwUhIfrZG V65F9vTnZl//MY= Received: from joan.univie.ac.at ([131.130.3.110] helo=joan.univie.ac.at) by grace.univie.ac.at with esmtp (Exim 4.69) (envelope-from ) id 1LmQ2n-0005E5-0S; Wed, 25 Mar 2009 11:09:09 +0100 Received: from [2001:62a:4:203:215:60ff:fea0:bcb2] by joan.univie.ac.at with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from ) id 1LmQ2m-00028P-RY; Wed, 25 Mar 2009 11:09:08 +0100 Message-ID: <49CA02C3.8090003@univie.ac.at> Date: Wed, 25 Mar 2009 11:09:07 +0100 From: ap User-Agent: Thunderbird 2.0.0.19 (X11/20081227) MIME-Version: 1.0 To: ah@tr-sys.de CC: scottr@nist.gov, wouter@nlnetlabs.nl, namedroppers@ops.ietf.org, ajs@shinkuro.com Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-rfc2672bis-dname-15.txt References: <200903241431.PAA06281@TR-Sys.de> In-Reply-To: <200903241431.PAA06281@TR-Sys.de> Content-Type: multipart/mixed; boundary="------------070508080604070609040301" Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: This is a multi-part message in MIME format. --------------070508080604070609040301 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Hi, Alfred Hnes wrote: > (1) Section 2.2 > > In > http://ops.IETF.ORG/lists/namedroppers/namedroppers.2009/msg00354.html > Andreas Papst has discussed the table of examples in Section 2.2 > (Table 1), when not read as independent example lines. > However, I strongly assume that this table had been intended as > a collection of _independent_ (single-line) examples. > > Perhaps this should be emphasized even more in the text to avoid > having to discuss the combined effects of any two lines in the table. > How about inserting blank lines between the lines in the table? > This is not my point. For me the last column of this table (term "result") should give the final value for DNS address resolution. Thus: QNAME owner DNAME target result ---------------- -------------- -------------- ----------------- cyc.example.com. example.com. example.com. -> ERROR cyc.example.com. example.com. c.example.com. -> ERROR (ERROR is due to infinite looping when resolving this QNAME record) and QNAME owner DNAME target result ---------------- -------------- -------------- ----------------- shortloop.x.x. x. . shortloop. shortloop.x. x. . shortloop. On the other hand, I made two suggestions 1/ add a sentence like this to your draft: a DNAME record pointing to itself or down to a subdomain is a logical MUST NOT use case 2/ for authoritative nameservers and named-checkzone: implement a check if a DNAME record is pointing to itself or down the domain-tree at zone loading time to avoid error conditions in DNS. Kind regards Andreas Papst --------------070508080604070609040301 Content-Type: text/x-vcard; charset=utf-8; name="Andreas_Papst.vcf" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="Andreas_Papst.vcf" begin:vcard fn:Andreas Papst n:Papst;Andreas org:University of Vienna;ZID adr:;;Universitaetsstrasse 7;Wien;;1010;Austria email;internet:Andreas.Papst@univie.ac.at tel;work:+43 1 4277 14036 tel;fax:+43 1 4277 14279 tel;cell:+43 664 60277 14036 x-mozilla-html:FALSE version:2.1 end:vcard --------------070508080604070609040301-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From mpetrowski@ala.org Wed Mar 25 05:15:07 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 37A423A68F0 for ; Wed, 25 Mar 2009 05:15:07 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -31.194 X-Spam-Level: X-Spam-Status: No, score=-31.194 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_RATIO_04=0.172, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eA0jfOlVb6xz for ; Wed, 25 Mar 2009 05:15:04 -0700 (PDT) Received: from amanresorts.com (unknown [189.74.29.135]) by core3.amsl.com (Postfix) with SMTP id 36A783A6A5E for ; Wed, 25 Mar 2009 05:14:57 -0700 (PDT) To: Subject: you subscribe #36530 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090325121459.36A783A6A5E@core3.amsl.com> Date: Wed, 25 Mar 2009 05:14:57 -0700 (PDT)
18/18/09

CONVINCE HER TO EXPERIMENT MORE
Click Here

The Men's Health Girl Next Door

   
COUPLES
Handle with Care


Avoid these relationship mistakes for more
DECODE HER
The Female Coregasm
Yes, it's true: Women can have great ending while working out
Demystify the coregasm

THE ABS DIET ONLINE
Flat, firm abs made easy
• Workouts designed to fit your schedule, your body, your goals
• Customizable meal plans and no-hassle shopping lists
• Killer tracking tools to chart your progress
• Endless food options (stuff you want to eat)
• Total flexibility: swap, delete or add foods/exercises to your program
Start now!
Click Here!


YOUR PRIVACY RIGHTS  |  CONTACT US  |  UNSUBSCRIBE

COPYRIGHT RODALE, INC. 2009
33 East Minor Street, Emmaus, PA 18098, Attn: Customer Service
From kay.hillhouse@airparade.co.uk Wed Mar 25 07:20:56 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9A2393A6B96 for ; Wed, 25 Mar 2009 07:20:56 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -7.399 X-Spam-Level: X-Spam-Status: No, score=-7.399 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Pma9b5GXjFvf for ; Wed, 25 Mar 2009 07:20:56 -0700 (PDT) Received: from 126-165-113-92.pool.ukrtel.net (126-165-113-92.pool.ukrtel.net [92.113.165.126]) by core3.amsl.com (Postfix) with SMTP id 5BEF83A696F for ; Wed, 25 Mar 2009 07:20:52 -0700 (PDT) To: Subject: Order Shipped -- Order #31451 From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090325142053.5BEF83A696F@core3.amsl.com> Date: Wed, 25 Mar 2009 07:20:52 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From majordomo@altwaem.net Wed Mar 25 09:28:51 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4E3093A6A03 for ; Wed, 25 Mar 2009 09:28:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -20.228 X-Spam-Level: X-Spam-Status: No, score=-20.228 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HELO_DYNAMIC_IPADDR2=4.395, HELO_DYNAMIC_SPLIT_IP=3.493, HELO_EQ_IP_ADDR=1.119, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RCVD_NUMERIC_HELO=2.067, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mqxwNq8idxkg for ; Wed, 25 Mar 2009 09:28:50 -0700 (PDT) Received: from 89.105.253.180.dn.farlep.net (89.105.253.180.dn.farlep.net [89.105.253.180]) by core3.amsl.com (Postfix) with SMTP id 383593A6BB8 for ; Wed, 25 Mar 2009 09:28:46 -0700 (PDT) To: Subject: Sales Receipt Amazon From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090325162847.383593A6BB8@core3.amsl.com> Date: Wed, 25 Mar 2009 09:28:46 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From jpecina@adclinic.com Wed Mar 25 09:40:23 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E91323A6839 for ; Wed, 25 Mar 2009 09:40:23 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -29.603 X-Spam-Level: X-Spam-Status: No, score=-29.603 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_ALMOST_IP=5.417, FH_HOST_ALMOST_IP=1.889, FH_HOST_EQ_DYNAMICIP=2.177, HELO_DYNAMIC_SPLIT_IP=3.493, HELO_EQ_DYNAMIC=1.144, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fqg7rVoNzscn for ; Wed, 25 Mar 2009 09:40:23 -0700 (PDT) Received: from 100.Red-81-34-191.dynamicIP.rima-tde.net (100.Red-81-34-191.dynamicIP.rima-tde.net [81.34.191.100]) by core3.amsl.com (Postfix) with SMTP id BD2C13A67D1 for ; Wed, 25 Mar 2009 09:40:21 -0700 (PDT) To: Subject: itunes.com Invoice #56373 From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090325164021.BD2C13A67D1@core3.amsl.com> Date: Wed, 25 Mar 2009 09:40:21 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From josefina@aliroo.com Wed Mar 25 10:43:51 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2543C3A6B16 for ; Wed, 25 Mar 2009 10:43:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -13.154 X-Spam-Level: X-Spam-Status: No, score=-13.154 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_RATIO_04=0.172, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XdDKHkhqgAlA for ; Wed, 25 Mar 2009 10:43:49 -0700 (PDT) Received: from alexlee.com (unknown [88.229.254.88]) by core3.amsl.com (Postfix) with SMTP id F208528C24F for ; Wed, 25 Mar 2009 10:43:01 -0700 (PDT) To: Subject: Mail 04849 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090325174302.F208528C24F@core3.amsl.com> Date: Wed, 25 Mar 2009 10:43:01 -0700 (PDT)
18/18/09

CONVINCE HER TO EXPERIMENT MORE
Click Here

The Men's Health Girl Next Door

   
COUPLES
Handle with Care


Avoid these relationship mistakes for more
DECODE HER
The Female Coregasm
Yes, it's true: Women can have great ending while working out
Demystify the coregasm

THE ABS DIET ONLINE
Flat, firm abs made easy
• Workouts designed to fit your schedule, your body, your goals
• Customizable meal plans and no-hassle shopping lists
• Killer tracking tools to chart your progress
• Endless food options (stuff you want to eat)
• Total flexibility: swap, delete or add foods/exercises to your program
Start now!
Click Here!


YOUR PRIVACY RIGHTS  |  CONTACT US  |  UNSUBSCRIBE

COPYRIGHT RODALE, INC. 2009
33 East Minor Street, Emmaus, PA 18098, Attn: Customer Service
From owner-namedroppers@ops.ietf.org Wed Mar 25 11:36:49 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1E7703A6B72; Wed, 25 Mar 2009 11:36:49 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.746 X-Spam-Level: X-Spam-Status: No, score=-4.746 tagged_above=-999 required=5 tests=[AWL=-1.364, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1, SARE_URI_EQUALS=1.666] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xqWLDvxa-JRd; Wed, 25 Mar 2009 11:36:48 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 42D303A6D93; Wed, 25 Mar 2009 11:36:48 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmXqy-0007Tm-1x for namedroppers-data0@psg.com; Wed, 25 Mar 2009 18:29:28 +0000 Received: from [192.150.186.11] (helo=fruitcake.ICSI.Berkeley.EDU) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmXqm-0007RO-Q1 for namedroppers@ops.ietf.org; Wed, 25 Mar 2009 18:29:24 +0000 Received: from [IPv6:::1] (fruitcake [192.150.186.11]) by fruitcake.ICSI.Berkeley.EDU (8.12.11.20060614/8.12.11) with ESMTP id n2PISwXS024852; Wed, 25 Mar 2009 11:28:59 -0700 (PDT) Message-Id: <7816DBBC-1C6D-42F1-8AB3-BF6A8100B53D@ICSI.Berkeley.EDU> From: Nicholas Weaver To: Namedroppers Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v930.3) Subject: [dnsext] HAHAHAHA... Date: Wed, 25 Mar 2009 11:22:33 -0700 Cc: Nicholas Weaver X-Mailer: Apple Mail (2.930.3) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: I'm at the IETF to meet a couple of people today the network in the hotel lobby entitled ietf (from IP address dhcp-112c.meeting.ietf.org / 130.129.17.44, DNS resolver's external address is 130.129.5.6 )... does NOT do DNS port randomization. In fact, all outbound DNS requests are on port 53. (dig entropy.nettest.icir.org: ;; QUESTION SECTION: ;entropy.nettest.icir.org. IN A ;; ANSWER SECTION: entropy.nettest.icir.org. 1 IN CNAME status.pt=53.ad=130.129.5.6.id=11858.0x20=F.nettest.icir.org. status.pt=53.ad=130.129.5.6.id=11858.0x20=F.nettest.icir.org. 1 IN A 192.150.187.31 -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 25 14:19:47 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F3AF33A6DBE; Wed, 25 Mar 2009 14:19:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 3.304 X-Spam-Level: *** X-Spam-Status: No, score=3.304 tagged_above=-999 required=5 tests=[AWL=-0.946, BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, FH_RELAY_NODNS=1.451, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RLIXfdNIONCm; Wed, 25 Mar 2009 14:19:46 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 363C53A67B3; Wed, 25 Mar 2009 14:19:46 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmaQ7-000NS1-FP for namedroppers-data0@psg.com; Wed, 25 Mar 2009 21:13:55 +0000 Received: from [213.178.172.147] (helo=WOTAN.TR-Sys.de) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmaQ1-000NRc-V0 for namedroppers@ops.ietf.org; Wed, 25 Mar 2009 21:13:52 +0000 Received: from ZEUS.TR-Sys.de by w. with ESMTP ($Revision: 1.37.109.26 $/16.3) id AA072205503; Wed, 25 Mar 2009 22:11:43 +0100 Received: (from ah@localhost) by z.TR-Sys.de (8.9.3 (PHNE_25183)/8.7.3) id WAA10334; Wed, 25 Mar 2009 22:11:42 +0100 (MEZ) From: Alfred =?hp-roman8?B?SM5uZXM=?= Message-Id: <200903252111.WAA10334@TR-Sys.de> Subject: [dnsext] draft-ietf-dnsext-dnsproxy-03 nits To: ray.bellis@nominet.org.uk Date: Wed, 25 Mar 2009 22:11:41 +0100 (MEZ) Cc: namedroppers@ops.ietf.org X-Mailer: ELM [$Revision: 1.17.214.3 $] Mime-Version: 1.0 Content-Type: text/plain; charset=hp-roman8 Content-Transfer-Encoding: 7bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: I have re-read the updated draft version from scratch and noted two left-over nits: a) Section 5.3, 1st para: s/describe above/described above/ ^ b) Section 6.2, 1st para: the trailing period is missing. Kind regards, Alfred. -- +------------------------+--------------------------------------------+ | TR-Sys Alfred Hoenes | Alfred Hoenes Dipl.-Math., Dipl.-Phys. | | Gerlinger Strasse 12 | Phone: (+49)7156/9635-0, Fax: -18 | | D-71254 Ditzingen | E-Mail: ah@TR-Sys.de | +------------------------+--------------------------------------------+ -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From joietzkoxyq@advtelecom.com Wed Mar 25 15:15:01 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6FF8C3A6A8A for ; Wed, 25 Mar 2009 15:15:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.602 X-Spam-Level: X-Spam-Status: No, score=-14.602 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_EQ_DSL=1.129, HELO_EQ_PL=1.135, HOST_EQ_PL=1.95, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ne5ISf6z9kSl for ; Wed, 25 Mar 2009 15:15:00 -0700 (PDT) Received: from aut145.neoplus.adsl.tpnet.pl (aun118.neoplus.adsl.tpnet.pl [83.27.21.118]) by core3.amsl.com (Postfix) with SMTP id EDAC13A6C3C for ; Wed, 25 Mar 2009 15:14:50 -0700 (PDT) To: Subject: You've received an answer to your question From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090325221452.EDAC13A6C3C@core3.amsl.com> Date: Wed, 25 Mar 2009 15:14:50 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From robert8007313@kerasotes.com Wed Mar 25 15:28:04 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A30A93A6D4D; Wed, 25 Mar 2009 15:28:04 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.611 X-Spam-Level: X-Spam-Status: No, score=-3.611 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FB_QUALITY_REPLICA=10.357, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FS_REPLICA=0.994, HELO_DYNAMIC_IPADDR2=4.395, HELO_DYNAMIC_SPLIT_IP=3.493, HELO_EQ_DYNAMIC=1.144, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, SARE_SPEC_REPLICA_OBFU=1.812, SARE_SPEC_ROLEX_HIQLT=1.666, SARE_SPEC_ROLEX_NOV5A=1.062, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aX-PHxX6iKtN; Wed, 25 Mar 2009 15:28:03 -0700 (PDT) Received: from 61.85-85-121.dynamic.clientes.euskaltel.es (61.85-85-121.dynamic.clientes.euskaltel.es [85.85.121.61]) by core3.amsl.com (Postfix) with SMTP id BD1783A6D58; Wed, 25 Mar 2009 15:27:51 -0700 (PDT) From: "Cesar Harrell" To: "Alfreda Morrison" Message-ID: Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Date: Wed, 25 Mar 2009 18:28:42 -0500 Subject: Replica for you Exquisite Replicas is now bigger and better than ever before! I'm sure you're familiar with this popular replica store, so I'm glad to announce that Exquisite Replicas has been completely redesigned and now offers not only the highest quality replica watches but also handbags and jewelry! In addition, they're running a 15% special these days when you buy two watches! There's never been a better time to buy a replica watch, especially a Tag Heuer! With prices as low as $200, and the store unmatched privacy assurance guarantee, I'm sure you won't want to wait to get your superior quality Tag Heuer replica! http://reartime.com No virus found in this outgoing message Checked by PC Tools AntiVirus (5.0.1.1 - 10.100.086). http://www.pctools.com/free-antivirus/ From koeln@abc-leasing.de Wed Mar 25 15:46:13 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5BDDC28C1AB for ; Wed, 25 Mar 2009 15:46:13 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -31.614 X-Spam-Level: X-Spam-Status: No, score=-31.614 tagged_above=-999 required=5 tests=[AWL=-17.058, BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i4hwvwtggM71 for ; Wed, 25 Mar 2009 15:46:13 -0700 (PDT) Received: from allianz.pt (unknown [189.78.192.93]) by core3.amsl.com (Postfix) with SMTP id 7417A3A6833 for ; Wed, 25 Mar 2009 15:46:05 -0700 (PDT) To: Subject: Re: Discount code #61578 From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090325224607.7417A3A6833@core3.amsl.com> Date: Wed, 25 Mar 2009 15:46:05 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From owner-namedroppers@ops.ietf.org Wed Mar 25 17:32:08 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2A74D28C1C3; Wed, 25 Mar 2009 17:32:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.152 X-Spam-Level: X-Spam-Status: No, score=-0.152 tagged_above=-999 required=5 tests=[AWL=-0.552, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_INFO=1.448, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zPk9Sy2iI9Zr; Wed, 25 Mar 2009 17:32:07 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 5149C28C0D6; Wed, 25 Mar 2009 17:32:06 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmdNI-000GbN-5K for namedroppers-data0@psg.com; Thu, 26 Mar 2009 00:23:12 +0000 Received: from [208.86.224.201] (helo=mail.yitter.info) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmdNA-000Gb0-U5 for namedroppers@ops.ietf.org; Thu, 26 Mar 2009 00:23:09 +0000 Received: from crankycanuck.ca (dhcp-10f0.meeting.ietf.org [130.129.16.240]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.yitter.info (Postfix) with ESMTPSA id 3195E2FEA5F2 for ; Thu, 26 Mar 2009 00:23:01 +0000 (UTC) Date: Wed, 25 Mar 2009 20:22:59 -0400 From: Andrew Sullivan To: namedroppers@ops.ietf.org Subject: Re: [dnsext] HAHAHAHA... Message-ID: <20090326002258.GF11052@shinkuro.com> References: <7816DBBC-1C6D-42F1-8AB3-BF6A8100B53D@ICSI.Berkeley.EDU> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <7816DBBC-1C6D-42F1-8AB3-BF6A8100B53D@ICSI.Berkeley.EDU> User-Agent: Mutt/1.5.18 (2008-05-17) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: On Wed, Mar 25, 2009 at 11:22:33AM -0700, Nicholas Weaver wrote: \ > the network in the hotel lobby entitled ietf (from IP address > dhcp-112c.meeting.ietf.org / 130.129.17.44, DNS resolver's external > address is 130.129.5.6 )... > > does NOT do DNS port randomization. In fact, all outbound DNS requests > are on port 53. Only that one, I assume? I'm not having the problem in the meeting rooms. A -- Andrew Sullivan ajs@shinkuro.com Shinkuro, Inc. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From owner-namedroppers@ops.ietf.org Wed Mar 25 17:53:13 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D9A483A6805; Wed, 25 Mar 2009 17:53:13 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -101.662 X-Spam-Level: X-Spam-Status: No, score=-101.662 tagged_above=-999 required=5 tests=[AWL=-0.729, BAYES_00=-2.599, SARE_URI_EQUALS=1.666, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OH9R679i9lqf; Wed, 25 Mar 2009 17:53:12 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id AB6723A6359; Wed, 25 Mar 2009 17:53:12 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmdmV-000J0L-1w for namedroppers-data0@psg.com; Thu, 26 Mar 2009 00:49:15 +0000 Received: from [2001:7b8:206:1:0:1234:be21:e31e] (helo=bert.secret-wg.org) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LmdmL-000Izp-DW for namedroppers@ops.ietf.org; Thu, 26 Mar 2009 00:49:10 +0000 Received: from bert.secret-wg.org (localhost [127.0.0.1]) by bert.secret-wg.org (Postfix) with ESMTP id 3D6724AC054 for ; Thu, 26 Mar 2009 01:49:04 +0100 (CET) Received: from dhcp-14ea.meeting.ietf.org (dhcp-14ea.meeting.ietf.org [130.129.20.234]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (Client did not present a certificate) by bert.secret-wg.org (Postfix) with ESMTPSA id BF74A4AC009 for ; Thu, 26 Mar 2009 01:49:03 +0100 (CET) Message-Id: From: "Olaf M. Kolkman" To: Namedroppers In-Reply-To: <7816DBBC-1C6D-42F1-8AB3-BF6A8100B53D@ICSI.Berkeley.EDU> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v930.3) Subject: Re: [dnsext] HAHAHAHA... Date: Wed, 25 Mar 2009 17:49:00 -0700 References: <7816DBBC-1C6D-42F1-8AB3-BF6A8100B53D@ICSI.Berkeley.EDU> X-Mailer: Apple Mail (2.930.3) X-Virus-Scanned: Bert scanned this mail with ClamAV using ClamSMTP Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: Reported to the NOC, they'll take (or even took) action. --Olaf On Mar 25, 2009, at 11:22 AM, Nicholas Weaver wrote: > I'm at the IETF to meet a couple of people today > > the network in the hotel lobby entitled ietf (from IP address > dhcp-112c.meeting.ietf.org / 130.129.17.44, DNS resolver's external > address is 130.129.5.6 )... > > does NOT do DNS port randomization. In fact, all outbound DNS > requests are on port 53. > > (dig entropy.nettest.icir.org: > ;; QUESTION SECTION: > ;entropy.nettest.icir.org. IN A > > ;; ANSWER SECTION: > entropy.nettest.icir.org. 1 IN CNAME > status.pt=53.ad=130.129.5.6.id=11858.0x20=F.nettest.icir.org. > status.pt=53.ad=130.129.5.6.id=11858.0x20=F.nettest.icir.org. 1 IN A > 192.150.187.31 > > > > -- > to unsubscribe send a message to namedroppers-request@ops.ietf.org > with > the word 'unsubscribe' in a single line as the message text body. > archive: ----------------------------------------------------------- Olaf M. Kolkman NLnet Labs http://www.nlnetlabs.nl/ -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From kgzamico-jp.comm.habu@amico-jp.com Wed Mar 25 20:05:24 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9CA103A6A8B for ; Wed, 25 Mar 2009 20:05:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -22.594 X-Spam-Level: X-Spam-Status: No, score=-22.594 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_EQ_AU=0.377, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JPYZdL1DDi74 for ; Wed, 25 Mar 2009 20:05:23 -0700 (PDT) Received: from accsoft.com.au (unknown [96.36.136.209]) by core3.amsl.com (Postfix) with SMTP id 879393A6873 for ; Wed, 25 Mar 2009 20:05:21 -0700 (PDT) To: Subject: Sales Receipt Amazon From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090326030522.879393A6873@core3.amsl.com> Date: Wed, 25 Mar 2009 20:05:21 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From orte_p1@3com.com Wed Mar 25 21:01:51 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3A1663A6DC7 for ; Wed, 25 Mar 2009 21:01:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -12.976 X-Spam-Level: X-Spam-Status: No, score=-12.976 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_DHCP=1.398, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_CPE=0.5, HOST_EQ_CPE=0.979, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YEa+HEuu+qU2 for ; Wed, 25 Mar 2009 21:01:50 -0700 (PDT) Received: from cpe-72-226-70-205.nycap.res.rr.com (cpe-72-226-70-205.nycap.res.rr.com [72.226.70.205]) by core3.amsl.com (Postfix) with SMTP id BE9103A6DB3 for ; Wed, 25 Mar 2009 21:01:48 -0700 (PDT) To: Subject: Customer Receipt/Purchase Confirmation From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090326040149.BE9103A6DB3@core3.amsl.com> Date: Wed, 25 Mar 2009 21:01:48 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From mississippiansob648@ampmdoc.com Thu Mar 26 00:55:20 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A2A2B3A68C1 for ; Thu, 26 Mar 2009 00:55:20 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 2.577 X-Spam-Level: ** X-Spam-Status: No, score=2.577 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_DSL=1.129, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 90NNU0rwh34Y for ; Thu, 26 Mar 2009 00:55:20 -0700 (PDT) Received: from 121-72-201-184.dsl.telstraclear.net (121-72-201-184.dsl.telstraclear.net [121.72.201.184]) by core3.amsl.com (Postfix) with SMTP id DC1C63A659B for ; Thu, 26 Mar 2009 00:55:18 -0700 (PDT) To: Subject: Sales Receipt Amazon From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090326075518.DC1C63A659B@core3.amsl.com> Date: Thu, 26 Mar 2009 00:55:18 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From munozj@allencanning.com Thu Mar 26 03:53:03 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 66CEB3A6BEF for ; Thu, 26 Mar 2009 03:53:03 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -20.479 X-Spam-Level: X-Spam-Status: No, score=-20.479 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, SARE_RECV_IP_218216=0.629, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wIkJQOR6yO-v for ; Thu, 26 Mar 2009 03:53:02 -0700 (PDT) Received: from ppp01185.hakata02.bbiq.jp (ppp01185.hakata02.bbiq.jp [218.219.125.185]) by core3.amsl.com (Postfix) with SMTP id D2C5D3A6BB0 for ; Thu, 26 Mar 2009 03:52:53 -0700 (PDT) To: Subject: You've received an answer to your question From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090326105254.D2C5D3A6BB0@core3.amsl.com> Date: Thu, 26 Mar 2009 03:52:53 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From miningestimating@akhanani.co.za Thu Mar 26 05:18:50 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 586903A698A for ; Thu, 26 Mar 2009 05:18:50 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -9.949 X-Spam-Level: X-Spam-Status: No, score=-9.949 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_EQ_NL=0.55, HELO_MISMATCH_NL=1.448, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rIdUTQNnk9ps for ; Thu, 26 Mar 2009 05:18:48 -0700 (PDT) Received: from analyte.nl (unknown [137.118.245.103]) by core3.amsl.com (Postfix) with SMTP id 2705E3A67A8 for ; Thu, 26 Mar 2009 05:18:44 -0700 (PDT) To: dnsext-archive@lists.ietf.org Subject: Welcome to club: More Starpoints Mean More Dreams Fulfilled From: "Dylan Atkins" X-Priority: 1 MIME-Version: 1.0 Content-Type: text/html; charset = "iso-8859-1" Content-Transfer-Encoding: 8bit Message-Id: <20090326121846.2705E3A67A8@core3.amsl.com> Date: Thu, 26 Mar 2009 05:18:44 -0700 (PDT)
18/18/09

CONVINCE HER TO EXPERIMENT MORE

If your wife or girlfriend just lies there during love and you want more action, first ask yourself: Is she loglike outside of the bedroom? Because if she doesn't exercise, stretch, dance—anything—it's going to take some effort to bring out her inner bunny.

Before she can enjoy your body, she has to start enjoying her own. Invite her to go hiking, or buy her a gift certificate for yoga classes. Anything that will get her blood flowing is likely to liven up her sexual M.O. by raising her confidence in her body.

If she's already active yet carnally comatose, try to reconnect with her in a sensual way. Suggest taking a long, soapy shower together or trading full-body rubdowns in bed, and lavish her body with attention. Nothing softens a woman up or turns her on like a little pampering.

Want to mix it up more? Even if she's not into role-playing or video cameras, there are plenty of prudish props that can mimic kink. Grab a spatula and offer to treat her like an omelet. Use a spray bottle to spritz her down.

Countless household items have kinky potential. The trick is to plant the object within reach (or coax her into finding new uses for the kitchen, laundry room, toolshed ...) and make your decision to bring it into play appear totally spontaneous.

xo,
Nicole Beland
The Men's Health Girl Next Door

   
COUPLES
Handle with Care


Avoid these relationship mistakes for more
DECODE HER
The Female Coregasm
Yes, it's true: Women can have great ending while working out
Demystify the coregasm

THE ABS DIET ONLINE
Flat, firm abs made easy
• Workouts designed to fit your schedule, your body, your goals
• Customizable meal plans and no-hassle shopping lists
• Killer tracking tools to chart your progress
• Endless food options (stuff you want to eat)
• Total flexibility: swap, delete or add foods/exercises to your program
Start now!
Click Here!


YOUR PRIVACY RIGHTS  |  CONTACT US  |  UNSUBSCRIBE

COPYRIGHT RODALE, INC. 2009
33 East Minor Street, Emmaus, PA 18098, Attn: Customer Service
From jorge_anesn@3mail.com Thu Mar 26 07:36:16 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7E18D3A6A57 for ; Thu, 26 Mar 2009 07:36:16 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -15.629 X-Spam-Level: X-Spam-Status: No, score=-15.629 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SvQnbfO1hFsy for ; Thu, 26 Mar 2009 07:36:15 -0700 (PDT) Received: from alexandriaproductions.com (unknown [88.246.15.229]) by core3.amsl.com (Postfix) with SMTP id 358C53A6920 for ; Thu, 26 Mar 2009 07:36:13 -0700 (PDT) To: Subject: Re: Discount code #63034 From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090326143614.358C53A6920@core3.amsl.com> Date: Thu, 26 Mar 2009 07:36:13 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From josepamat@agorient.com Thu Mar 26 09:37:06 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0169A28C17A for ; Thu, 26 Mar 2009 09:37:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -9.301 X-Spam-Level: X-Spam-Status: No, score=-9.301 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_DHCP=1.398, HELO_DYNAMIC_IPADDR=2.426, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OsUlhbHLh3YQ for ; Thu, 26 Mar 2009 09:37:01 -0700 (PDT) Received: from dslb-088-075-210-147.pools.arcor-ip.net (dslb-088-075-210-147.pools.arcor-ip.net [88.75.210.147]) by core3.amsl.com (Postfix) with SMTP id 2961028C178 for ; Thu, 26 Mar 2009 09:36:56 -0700 (PDT) To: dnsext-archive@ietf.org Subject: us ubscribe #68759 From: "Guillermo Bowen" X-Priority: 1 MIME-Version: 1.0 Content-Type: text/html; charset = "iso-8859-1" Content-Transfer-Encoding: 8bit Message-Id: <20090326163657.2961028C178@core3.amsl.com> Date: Thu, 26 Mar 2009 09:36:56 -0700 (PDT)
18/18/09

CONVINCE HER TO EXPERIMENT MORE

If your wife or girlfriend just lies there during love and you want more action, first ask yourself: Is she loglike outside of the bedroom? Because if she doesn't exercise, stretch, dance—anything—it's going to take some effort to bring out her inner bunny.

Before she can enjoy your body, she has to start enjoying her own. Invite her to go hiking, or buy her a gift certificate for yoga classes. Anything that will get her blood flowing is likely to liven up her sexual M.O. by raising her confidence in her body.

If she's already active yet carnally comatose, try to reconnect with her in a sensual way. Suggest taking a long, soapy shower together or trading full-body rubdowns in bed, and lavish her body with attention. Nothing softens a woman up or turns her on like a little pampering.

Want to mix it up more? Even if she's not into role-playing or video cameras, there are plenty of prudish props that can mimic kink. Grab a spatula and offer to treat her like an omelet. Use a spray bottle to spritz her down.

Countless household items have kinky potential. The trick is to plant the object within reach (or coax her into finding new uses for the kitchen, laundry room, toolshed ...) and make your decision to bring it into play appear totally spontaneous.

xo,
Nicole Beland
The Men's Health Girl Next Door

   
COUPLES
Handle with Care


Avoid these relationship mistakes for more
DECODE HER
The Female Coregasm
Yes, it's true: Women can have great ending while working out
Demystify the coregasm

THE ABS DIET ONLINE
Flat, firm abs made easy
• Workouts designed to fit your schedule, your body, your goals
• Customizable meal plans and no-hassle shopping lists
• Killer tracking tools to chart your progress
• Endless food options (stuff you want to eat)
• Total flexibility: swap, delete or add foods/exercises to your program
Start now!
Click Here!


YOUR PRIVACY RIGHTS  |  CONTACT US  |  UNSUBSCRIBE

COPYRIGHT RODALE, INC. 2009
33 East Minor Street, Emmaus, PA 18098, Attn: Customer Service
From owley@accomplished.com Thu Mar 26 12:09:15 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7239628C1B0 for ; Thu, 26 Mar 2009 12:09:15 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.065 X-Spam-Level: X-Spam-Status: No, score=-1.065 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1ICdQhLJfRGL for ; Thu, 26 Mar 2009 12:09:14 -0700 (PDT) Received: from 89-138-102-205.bb.netvision.net.il (89-138-102-205.bb.netvision.net.il [89.138.102.205]) by core3.amsl.com (Postfix) with SMTP id 9FD1728C1B5 for ; Thu, 26 Mar 2009 12:09:12 -0700 (PDT) To: Subject: Customer Receipt/Purchase Confirmation From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090326190912.9FD1728C1B5@core3.amsl.com> Date: Thu, 26 Mar 2009 12:09:12 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

¿ 2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From massimiliano.cipriani@accenture.com Fri Mar 27 04:44:35 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ADE3C3A6A8D for ; Fri, 27 Mar 2009 04:44:35 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -17.903 X-Spam-Level: X-Spam-Status: No, score=-17.903 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_EQ_DSL=1.129, HELO_EQ_PL=1.135, HOST_EQ_PL=1.95, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0k6W1i3qVFQg for ; Fri, 27 Mar 2009 04:44:34 -0700 (PDT) Received: from epo18.internetdsl.tpnet.pl (epo18.internetdsl.tpnet.pl [83.15.252.18]) by core3.amsl.com (Postfix) with SMTP id BAD8A3A6A39 for ; Fri, 27 Mar 2009 04:44:33 -0700 (PDT) To: Subject: My recently viewed pages From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090327114433.BAD8A3A6A39@core3.amsl.com> Date: Fri, 27 Mar 2009 04:44:33 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From modvarkon@alwil.cz Fri Mar 27 06:27:08 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ECC4D3A6C61 for ; Fri, 27 Mar 2009 06:27:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.264 X-Spam-Level: X-Spam-Status: No, score=-0.264 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_DYNAMIC=1.144, HELO_EQ_RU=0.595, HOST_EQ_RU=0.875, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_UNI=0.591, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oEFUzXbFEmVY for ; Fri, 27 Mar 2009 06:27:04 -0700 (PDT) Received: from 79-126-19-59.dynamic.mts-nn.ru (79-126-19-59.dynamic.mts-nn.ru [79.126.19.59]) by core3.amsl.com (Postfix) with SMTP id 2F0313A6A40 for ; Fri, 27 Mar 2009 06:26:56 -0700 (PDT) To: dnsext-archive@ietf.org Subject: Welcome to club: More Starpoints Mean More Dreams Fulfilled From: "Joesph Meyers" X-Priority: 1 MIME-Version: 1.0 Content-Type: text/html; charset = "iso-8859-1" Content-Transfer-Encoding: 8bit Message-Id: <20090327132658.2F0313A6A40@core3.amsl.com> Date: Fri, 27 Mar 2009 06:26:56 -0700 (PDT)
03/26/2009

CONVINCE HER TO EXPERIMENT MORE

If your wife or girlfriend just lies there during love and you want more action, first ask yourself: Is she loglike outside of the bedroom? Because if she doesn't exercise, stretch, dance—anything—it's going to take some effort to bring out her inner bunny.

Before she can enjoy your body, she has to start enjoying her own. Invite her to go hiking, or buy her a gift certificate for yoga classes. Anything that will get her blood flowing is likely to liven up her sexual M.O. by raising her confidence in her body.

If she's already active yet carnally comatose, try to reconnect with her in a sensual way. Suggest taking a long, soapy shower together or trading full-body rubdowns in bed, and lavish her body with attention. Nothing softens a woman up or turns her on like a little pampering.

Want to mix it up more? Even if she's not into role-playing or video cameras, there are plenty of prudish props that can mimic kink. Grab a spatula and offer to treat her like an omelet. Use a spray bottle to spritz her down.

Countless household items have kinky potential. The trick is to plant the object within reach (or coax her into finding new uses for the kitchen, laundry room, toolshed ...) and make your decision to bring it into play appear totally spontaneous.

xo,
Nicole Beland
The Men's Health Girl Next Door

   
COUPLES
Handle with Care


Avoid these relationship mistakes for more
DECODE HER
The Female Coregasm
Yes, it's true: Women can have great ending while working out
Demystify the coregasm

THE ABS DIET ONLINE
Flat, firm abs made easy
• Workouts designed to fit your schedule, your body, your goals
• Customizable meal plans and no-hassle shopping lists
• Killer tracking tools to chart your progress
• Endless food options (stuff you want to eat)
• Total flexibility: swap, delete or add foods/exercises to your program
Start now!
Click Here!


YOUR PRIVACY RIGHTS  |  CONTACT US  |  UNSUBSCRIBE

COPYRIGHT RODALE, INC. 2009
33 East Minor Street, Emmaus, PA 18098, Attn: Customer Service
From monicahernandez@alhambra.k12.az.us Fri Mar 27 07:20:01 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AAF7228C17A for ; Fri, 27 Mar 2009 07:20:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -11.366 X-Spam-Level: X-Spam-Status: No, score=-11.366 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jRRGrccUMQFs for ; Fri, 27 Mar 2009 07:20:00 -0700 (PDT) Received: from alexmo.com (unknown [189.7.52.174]) by core3.amsl.com (Postfix) with SMTP id 843D728C167 for ; Fri, 27 Mar 2009 07:19:57 -0700 (PDT) To: dnsext-archive@ietf.org Subject: Welcome to our club From: "Barney Lowery" X-Priority: 1 MIME-Version: 1.0 Content-Type: text/html; charset = "iso-8859-1" Content-Transfer-Encoding: 8bit X-Antivirus: avast! (VPS 081203-0, 03/12/2008), Outbound message X-Antivirus-Status: Clean Message-Id: <20090327141958.843D728C167@core3.amsl.com> Date: Fri, 27 Mar 2009 07:19:57 -0700 (PDT)
03/26/2009

CONVINCE HER TO EXPERIMENT MORE

If your wife or girlfriend just lies there during love and you want more action, first ask yourself: Is she loglike outside of the bedroom? Because if she doesn't exercise, stretch, dance—anything—it's going to take some effort to bring out her inner bunny.

Before she can enjoy your body, she has to start enjoying her own. Invite her to go hiking, or buy her a gift certificate for yoga classes. Anything that will get her blood flowing is likely to liven up her sexual M.O. by raising her confidence in her body.

If she's already active yet carnally comatose, try to reconnect with her in a sensual way. Suggest taking a long, soapy shower together or trading full-body rubdowns in bed, and lavish her body with attention. Nothing softens a woman up or turns her on like a little pampering.

Want to mix it up more? Even if she's not into role-playing or video cameras, there are plenty of prudish props that can mimic kink. Grab a spatula and offer to treat her like an omelet. Use a spray bottle to spritz her down.

Countless household items have kinky potential. The trick is to plant the object within reach (or coax her into finding new uses for the kitchen, laundry room, toolshed ...) and make your decision to bring it into play appear totally spontaneous.

xo,
Nicole Beland
The Men's Health Girl Next Door

   
COUPLES
Handle with Care


Avoid these relationship mistakes for more
DECODE HER
The Female Coregasm
Yes, it's true: Women can have great ending while working out
Demystify the coregasm

THE ABS DIET ONLINE
Flat, firm abs made easy
• Workouts designed to fit your schedule, your body, your goals
• Customizable meal plans and no-hassle shopping lists
• Killer tracking tools to chart your progress
• Endless food options (stuff you want to eat)
• Total flexibility: swap, delete or add foods/exercises to your program
Start now!
Click Here!


YOUR PRIVACY RIGHTS  |  CONTACT US  |  UNSUBSCRIBE

COPYRIGHT RODALE, INC. 2009
33 East Minor Street, Emmaus, PA 18098, Attn: Customer Service
From krispytreat96@aeconcepts.com Fri Mar 27 08:25:52 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1C44F3A6C6A for ; Fri, 27 Mar 2009 08:25:52 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -20.918 X-Spam-Level: X-Spam-Status: No, score=-20.918 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id boKT2YomRBjb for ; Fri, 27 Mar 2009 08:25:51 -0700 (PDT) Received: from akaentertainment.com (unknown [212.5.37.169]) by core3.amsl.com (Postfix) with SMTP id D820B3A6A17 for ; Fri, 27 Mar 2009 08:25:49 -0700 (PDT) To: Subject: Wait, what happened? From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090327152549.D820B3A6A17@core3.amsl.com> Date: Fri, 27 Mar 2009 08:25:49 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From mcmahond@agrx.com Fri Mar 27 12:38:37 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 001573A6B25 for ; Fri, 27 Mar 2009 12:38:36 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.82 X-Spam-Level: X-Spam-Status: No, score=-6.82 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HOST_EQ_D_D_D_D=0.765, HELO_DYNAMIC_DHCP=1.398, HELO_EQ_DSL=1.129, HELO_EQ_SK=1.35, HOST_EQ_SK=0.555, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id En7SD65b8Xx6 for ; Fri, 27 Mar 2009 12:38:36 -0700 (PDT) Received: from adsl-dyn-190.95-102-91.t-com.sk (adsl-dyn-190.95-102-91.t-com.sk [95.102.91.190]) by core3.amsl.com (Postfix) with SMTP id D88033A6857 for ; Fri, 27 Mar 2009 12:38:34 -0700 (PDT) To: Subject: Most wanted neighbour From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090327193834.D88033A6857@core3.amsl.com> Date: Fri, 27 Mar 2009 12:38:34 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From mboada@aii.edu Fri Mar 27 13:16:43 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4BA0D3A6CAA for ; Fri, 27 Mar 2009 13:16:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -7.026 X-Spam-Level: X-Spam-Status: No, score=-7.026 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_EQ_DSL=1.129, HELO_EQ_PL=1.135, HOST_EQ_PL=1.95, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8lrKdPveNmSr for ; Fri, 27 Mar 2009 13:16:42 -0700 (PDT) Received: from aex62.neoplus.adsl.tpnet.pl (afm195.neoplus.adsl.tpnet.pl [83.25.142.195]) by core3.amsl.com (Postfix) with SMTP id 2F40E3A6B7A for ; Fri, 27 Mar 2009 13:16:40 -0700 (PDT) To: Subject: 10 secrets of White House From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090327201641.2F40E3A6B7A@core3.amsl.com> Date: Fri, 27 Mar 2009 13:16:40 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From jdelrio@adecoconsultores.com Fri Mar 27 14:21:38 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3FEE33A6B02 for ; Fri, 27 Mar 2009 14:21:38 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.013 X-Spam-Level: X-Spam-Status: No, score=-10.013 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T-7YvUJzTCUG for ; Fri, 27 Mar 2009 14:21:37 -0700 (PDT) Received: from akirashop.com (unknown [92.13.107.240]) by core3.amsl.com (Postfix) with SMTP id 66A8F3A6855 for ; Fri, 27 Mar 2009 14:21:35 -0700 (PDT) To: Subject: NFL scariest truth From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090327212136.66A8F3A6855@core3.amsl.com> Date: Fri, 27 Mar 2009 14:21:35 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From gilbert@ucgtech.com Fri Mar 27 23:50:40 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1DB6528C0EC; Fri, 27 Mar 2009 23:50:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 4.165 X-Spam-Level: **** X-Spam-Status: No, score=4.165 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DNS_FROM_RFC_BOGUSMX=1.482, J_CHICKENPOX_44=0.6, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, SARE_SPEC_ROLEX_NOV5A=1.062, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SBL=20, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mDtvJ43FgQrP; Fri, 27 Mar 2009 23:50:39 -0700 (PDT) Received: from vpn-190.obukhov.net (vpn-190.obukhov.net [193.201.216.190]) by core3.amsl.com (Postfix) with SMTP id B14863A679C; Fri, 27 Mar 2009 23:50:14 -0700 (PDT) X-Originating-IP: 74.0.8.92 by smtp.193.201.216.190; Sat, 28 Mar 2009 02:43:09 -0500 Message-ID: <6313aq263JVEaaa-archive@lists.ietf.org> Date: Sat, 28 Mar 2009 02:51:09 -0500 From: "Sean Kern" To: "Dianne Steele" Subject: Take a look at the latest rep watches Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Money is tight, times are hard. Christmas is over. Time to get a new Watch! http://lacemust.com Visit Exqu1site Reps today and get a terrific designer watch imitation for a uniquely low price. Our watches are the most sought-after in the market, offering you the best performance and unsurpassed quality while allowing you to choose from hundreds of models within dozens of brands! http://lacemust.com Click here now and enjoy our fast shipping and safe billing method while getting the most realistic look on a fine reproduction timepiece. From MAILER-DAEMON Sat Mar 28 08:30:35 2009 Return-Path: <> X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 72A243A6A3A for ; Sat, 28 Mar 2009 08:30:35 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -74.071 X-Spam-Level: X-Spam-Status: No, score=-74.071 tagged_above=-999 required=5 tests=[AWL=-28.046, BAYES_50=0.001, GB_I_LETTER=-2, GB_PHARMACY=1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_3=0.001, IP_NOT_FRIENDLY=0.334, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, SARE_UNI=0.591, UNPARSEABLE_RELAY=0.001, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7d0duYaIbI8B for ; Sat, 28 Mar 2009 08:30:34 -0700 (PDT) Received: from ee01.elistx.com (ee01.elistx.com [67.154.239.222]) by core3.amsl.com (Postfix) with ESMTP id 02A523A6925 for ; Sat, 28 Mar 2009 08:30:34 -0700 (PDT) Received: from PROCESS-DAEMON.elistx.com by elistx.com (PMDF V6.3-2x2 #31546) id <0KH800A0131C1C@elistx.com> for dnsext-archive@lists.ietf.org; Sat, 28 Mar 2009 11:29:36 -0400 (EDT) Received: from elistx.com (PMDF V6.3-2x2 #31546) id <0KH80080I31CMT@elistx.com>; Sat, 28 Mar 2009 11:29:36 -0400 (EDT) Date: Sat, 28 Mar 2009 11:29:36 -0400 (EDT) From: PMDF Internet Messaging Subject: Delivery Notification: Delivery has failed To: dnsext-archive@lists.ietf.org Message-id: <0KH80080L31CMT@elistx.com> MIME-version: 1.0 Content-type: multipart/report; boundary="Boundary_(ID_fGKwDhQfZiQmJUrkLXyorw)"; report-type=delivery-status --Boundary_(ID_fGKwDhQfZiQmJUrkLXyorw) Content-type: text/plain; charset=us-ascii Content-language: en-US Content-transfer-encoding: 7BIT This report relates to a message you sent with the following header fields: Message-id: <20090328153121.2932.qmail@your-f995c83491> Date: Sat, 28 Mar 2009 09:31:21 +0600 From: "1902-2009 Pfizer Inc." To: dnsext@ogud.com Subject: RE: UK Pharmacy Discount ID 5846529 Your message cannot be delivered to the following recipients: Recipient address: dnsext@ogud.com Reason: Remote SMTP server has rejected address Diagnostic code: smtp;550 5.1.1 ... User unknown Remote system: dns;stora.ogud.com (TCP|10.0.0.21|53067|66.92.146.20|25) (stora.ogud.com ESMTP Sendmail 8.14.3/8.14.3; Sat, 28 Mar 2009 11:31:29 -0400 [EDT]) --Boundary_(ID_fGKwDhQfZiQmJUrkLXyorw) Content-type: message/delivery-status Original-envelope-id: 0KH800A023160V@elistx.com Reporting-MTA: dns;elistx.com (TCP-OGUD) Action: failed Status: 5.1.1 (Remote SMTP server has rejected address) Original-recipient: rfc822;dnsext@ogud.com Final-recipient: rfc822;dnsext@ogud.com Remote-MTA: dns;stora.ogud.com (TCP|10.0.0.21|53067|66.92.146.20|25) (stora.ogud.com ESMTP Sendmail 8.14.3/8.14.3; Sat, 28 Mar 2009 11:31:29 -0400 [EDT]) Diagnostic-code: smtp;550 5.1.1 ... User unknown --Boundary_(ID_fGKwDhQfZiQmJUrkLXyorw) Content-type: message/rfc822 Return-path: Received: from TCP-OGUD.elistx.com by elistx.com (PMDF V6.3-2x2 #31546) id <0KH80080I31CMT@elistx.com> (original mail from dnsext-archive@lists.ietf.org); Sat, 28 Mar 2009 11:29:36 -0400 (EDT) Received: from CONVERSION-DAEMON.elistx.com by elistx.com (PMDF V6.3-2x2 #31546) id <0KH800A013160V@elistx.com> for dnsext@ogud.com; Sat, 28 Mar 2009 11:29:36 -0400 (EDT) Received: from your-f995c83491 (92.125.92-66.xdsl.ab.ru [92.125.92.66]) by elistx.com (PMDF V6.3-2x2 #31546) with SMTP id <0KH8004KG3145L@elistx.com> for dnsext@elistx.ogud.com (ORCPT dnsext@ogud.com); Sat, 28 Mar 2009 11:29:30 -0400 (EDT) Date: Sat, 28 Mar 2009 09:31:21 +0600 From: "1902-2009 Pfizer Inc." Subject: RE: UK Pharmacy Discount ID 5846529 To: dnsext@elistx.ogud.com Reply-to: dnsext@elistx.ogud.com Message-id: <20090328153121.2932.qmail@your-f995c83491> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 X-Mailer: Microsoft Outlook Express 6.00.2900.3138 Content-type: multipart/related; boundary="Boundary_(ID_T8ckQs3pSCs+TLDEZpm+IQ)" X-Priority: 3 X-MSMail-priority: Normal This is a multi-part message in MIME format. --Boundary_(ID_T8ckQs3pSCs+TLDEZpm+IQ) Content-type: text/html; charset=windows-1251 Content-transfer-encoding: 8BIT
Click Here!
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

©2009 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052
--Boundary_(ID_T8ckQs3pSCs+TLDEZpm+IQ) Content-type: text/plain; charset=windows-1251 Content-transfer-encoding: 8BIT About this mailing: You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice. ©2009 Microsoft | Unsubscribe at http://tiggaruh.cn | More news at http://tiggaruh.cn | Prvacy at http://tiggaruh.cn Microsoft Corporation, One Microsoft Way, Redmond, WA 98052 --Boundary_(ID_T8ckQs3pSCs+TLDEZpm+IQ)-- --Boundary_(ID_fGKwDhQfZiQmJUrkLXyorw)-- From fitz@sexiass.com Sat Mar 28 22:40:00 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 52AA63A67AA; Sat, 28 Mar 2009 22:40:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -31.105 X-Spam-Level: X-Spam-Status: No, score=-31.105 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_RU=0.595, HOST_EQ_RU=0.875, J_CHICKENPOX_44=0.6, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VUWiXTe3peMb; Sat, 28 Mar 2009 22:39:59 -0700 (PDT) Received: from host-95-189-149-244.pppoe.omsknet.ru (host-95-189-149-244.pppoe.omsknet.ru [95.189.149.244]) by core3.amsl.com (Postfix) with SMTP id 928EB3A6C5E; Sat, 28 Mar 2009 22:39:47 -0700 (PDT) X-Originating-IP: 96.207.249.119 by smtp.95.189.149.244; Sun, 29 Mar 2009 12:39:42 +0600 Message-ID: <718auk896UPTJdhcwg-bounces@ietf.org> Date: Sun, 29 Mar 2009 01:40:42 -0500 From: "Madge Rosado" To: "Madge Rosado" Subject: Why get an original watch? Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Money is tight, times are hard. Christmas is over. Time to get a new Watch! http://www.bothdote.com/ The watch of your dreams doesn't have to be an overpriced piece of machinery. Nowadays you can get the same functionality and distinctive looks from the next best thing. Visit Exqu1site Reps and choose from hundreds of gorgeous models at less than ten percent the price of an original. http://www.bothdote.com/ Most experts couldn't tell our watches from the real thing, and neither will your friends, so impress them today get started with your watch shopping now! From lhp@akf.dk Sun Mar 29 05:11:24 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 771323A693A for ; Sun, 29 Mar 2009 05:11:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -21.078 X-Spam-Level: X-Spam-Status: No, score=-21.078 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HOST_EQ_D_D_D_D=0.765, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tcvV4dNHxels for ; Sun, 29 Mar 2009 05:11:23 -0700 (PDT) Received: from ppp-150-102.33-151.iol.it (ppp-150-102.33-151.iol.it [151.33.102.150]) by core3.amsl.com (Postfix) with SMTP id 414043A67B5 for ; Sun, 29 Mar 2009 05:11:21 -0700 (PDT) To: Subject: Pressly's sudden disgrace From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090329121122.414043A67B5@core3.amsl.com> Date: Sun, 29 Mar 2009 05:11:21 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From microxs@inwind.it Sun Mar 29 17:45:52 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3AE1A3A67F2; Sun, 29 Mar 2009 17:45:52 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.399 X-Spam-Level: X-Spam-Status: No, score=-3.399 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, GB_ROLEX=5, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_DSL=1.129, J_CHICKENPOX_44=0.6, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_NJABL_PROXY=1.643, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX=1.666, SARE_SPEC_ROLEX_NOV5A=1.062, SARE_SPEC_ROLEX_NOV5F=0.666, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AbR7E3MA4rMA; Sun, 29 Mar 2009 17:45:51 -0700 (PDT) Received: from 186-177-246-201.adsl.terra.cl (186-177-246-201.adsl.terra.cl [201.246.177.186]) by core3.amsl.com (Postfix) with SMTP id 02A4F3A6CAD; Sun, 29 Mar 2009 17:45:35 -0700 (PDT) X-Originating-IP: 30.44.240.39 by smtp.201.246.177.186; Sun, 29 Mar 2009 18:43:29 -0700 Message-ID: <0974zqz095IUYdhcwg-bounces@ietf.org> Date: Sun, 29 Mar 2009 20:46:29 -0500 From: "Ava Page" To: "Ava Page" Subject: Affordable rep watches Content-Type: text/plain; Content-Transfer-Encoding: 7Bit So you thought owning a brand name watch was out of your reach? Think again! http://www.bothduty.com/ Exqu1site Reps has it all: Rolex, Cartier, Tag Heuer, Breitling, and many more, for a fraction of the price of an original watch. And don't forget: when you order two watches, you get an extra 15 percent discount over our already low prices! http://www.bothduty.com/ Get ready to feel like a kid in a candy store when you see our incredible collection of fine reproduction timepieces at Exqu1site Reps! Come on, get started now! From grunin@utahrealtors.com Mon Mar 30 12:48:51 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 976783A6D73; Mon, 30 Mar 2009 12:48:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 2.018 X-Spam-Level: ** X-Spam-Status: No, score=2.018 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_ROLEX=5, HELO_DYNAMIC_DHCP=1.398, J_CHICKENPOX_44=0.6, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_SPEC_ROLEX_NOV5A=1.062, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VmGxsaKzO1bn; Mon, 30 Mar 2009 12:48:50 -0700 (PDT) Received: from cm121.omega245.maxonline.com.sg (cm121.omega245.maxonline.com.sg [218.186.245.121]) by core3.amsl.com (Postfix) with SMTP id 20CFF3A6968; Mon, 30 Mar 2009 12:48:35 -0700 (PDT) X-Originating-IP: 144.72.181.133 by smtp.218.186.245.121; Mon, 30 Mar 2009 22:45:31 +0200 Message-ID: <704kus354PNFdhcwg-bounces@ietf.org> Date: Mon, 30 Mar 2009 15:49:31 -0500 From: "Ashley Mckinnon" To: "Ashley Mckinnon" Subject: Emporio Armani cheaper than you could imagine! Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Money is tight, times are hard. Christmas is over. Time to get a new Watch! http://www.bothdeft.com/ At Exqu1site Reps we make it easy to get a Rolex, Cartier, Bvlgari or any brand name that you think of. As long as it is considered a high class watch, you will find it in our one of a kind store! http://www.bothdeft.com/ Enjoy the fastest shipping around, paired with secure billing, incredible customer service and the largest online selection of fine reproduction timepieces only at Exqu1site Reps, of course! From owner-namedroppers@ops.ietf.org Mon Mar 30 14:25:07 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 263B528C154; Mon, 30 Mar 2009 14:25:07 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.173 X-Spam-Level: X-Spam-Status: No, score=-102.173 tagged_above=-999 required=5 tests=[AWL=0.427, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S7P2c17i-nbp; Mon, 30 Mar 2009 14:25:04 -0700 (PDT) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 177D428C158; Mon, 30 Mar 2009 14:25:04 -0700 (PDT) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LoOqI-000ITD-Qk for namedroppers-data0@psg.com; Mon, 30 Mar 2009 21:16:26 +0000 Received: from [2001:1890:1112:1::20] (helo=mail.ietf.org) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1LoOpt-000IOc-W4 for namedroppers@ops.ietf.org; Mon, 30 Mar 2009 21:16:13 +0000 Received: by core3.amsl.com (Postfix, from userid 0) id E3D0B3A6D8B; Mon, 30 Mar 2009 14:15:01 -0700 (PDT) From: Internet-Drafts@ietf.org To: i-d-announce@ietf.org Cc: namedroppers@ops.ietf.org Subject: [dnsext] I-D ACTION:draft-ietf-dnsext-axfr-clarify-11.txt Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 Message-Id: <20090330211501.E3D0B3A6D8B@core3.amsl.com> Date: Mon, 30 Mar 2009 14:15:01 -0700 (PDT) Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the DNS Extensions Working Group of the IETF. Title : DNS Zone Transfer Protocol (AXFR) Author(s) : E. Lewis Filename : draft-ietf-dnsext-axfr-clarify-11.txt Pages : 15 Date : 2009-3-30 The Domain Name System standard mechanisms for maintaining coherent servers for a zone consist of three elements. One mechanism is the Authoritative Transfer (AXFR) is defined in RFC 1034 and RFC 1035. The definition of AXFR, has proven insufficient in detail, forcing implementations intended to be compliant to make assumptions, impeding interoperability. Yet today we have a satisfactory set of implementations that do interoperate. This document is a new definition of the AXFR, new in the sense that is it recording an accurate definition of an interoperable AXFR mechanism. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dnsext-axfr-clarify-11.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Message/External-body; name="draft-ietf-dnsext-axfr-clarify-11.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2009-3-30140923.I-D@ietf.org> --NextPart-- -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: From noncompetitivesolomons@abtc.com Mon Mar 30 15:15:41 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CE7153A6C45 for ; Mon, 30 Mar 2009 15:15:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -12.53 X-Spam-Level: X-Spam-Status: No, score=-12.53 tagged_above=-999 required=5 tests=[AWL=-0.624, BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_EQ_JP=1.244, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w0hpY44VR2mo for ; Mon, 30 Mar 2009 15:15:41 -0700 (PDT) Received: from amada.co.jp (unknown [88.229.115.228]) by core3.amsl.com (Postfix) with SMTP id C5F313A6C10 for ; Mon, 30 Mar 2009 15:15:39 -0700 (PDT) To: Subject: Share your movie tour photos From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090330221539.C5F313A6C10@core3.amsl.com> Date: Mon, 30 Mar 2009 15:15:39 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098
From guiwu.he@msa.hinet.net Mon Mar 30 18:48:19 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 101783A68A4; Mon, 30 Mar 2009 18:48:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -21.006 X-Spam-Level: X-Spam-Status: No, score=-21.006 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DNS_FROM_AHBL_RHSBL=0.692, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, J_CHICKENPOX_44=0.6, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9NWWyYFLhfLC; Mon, 30 Mar 2009 18:48:18 -0700 (PDT) Received: from ppp-124-121-126-205.revip2.asianet.co.th (ppp-124-121-126-205.revip2.asianet.co.th [124.121.126.205]) by core3.amsl.com (Postfix) with SMTP id 6808D3A67F8; Mon, 30 Mar 2009 18:48:10 -0700 (PDT) X-Originating-IP: 160.133.8.236 by smtp.124.121.126.205; Tue, 31 Mar 2009 01:41:06 -0100 Message-ID: <758tx134OINNaaa-archive@lists.ietf.org> Date: Mon, 30 Mar 2009 21:49:06 -0500 From: "Helen Crowley" To: "Clyde Timmons" Subject: Why get an original watch? Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Why waste your hard-earned money on an expensive watch when you can have the next best thing for a tenth of its price? http://www.deftduty.com/ At Exqu1site Reps we specialize in fine watches imitations, offering our customers the same beauty and craftsmanship that an original carries, matched by a ridiculously low price that is sometimes hard to believe, but very much true! http://www.deftduty.com/ With so many watches that look and work like the real thing, I guarantee you'll have a delicious time finding yours at our store! From quintilian@northstate.net Mon Mar 30 19:15:51 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 13DC63A65A6; Mon, 30 Mar 2009 19:15:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 1.543 X-Spam-Level: * X-Spam-Status: No, score=1.543 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_ROLEX=5, HELO_EQ_BR=0.955, HOST_EQ_BR=1.295, J_CHICKENPOX_44=0.6, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_RECV_IP_200150=0.612, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hpnK54rPJtOf; Mon, 30 Mar 2009 19:15:50 -0700 (PDT) Received: from pcs200150059121.res-com.wayinternet.com.br (pcs200150059121.res-com.wayinternet.com.br [200.150.59.121]) by core3.amsl.com (Postfix) with SMTP id 1B00D3A6B23; Mon, 30 Mar 2009 19:15:39 -0700 (PDT) X-Originating-IP: 86.112.0.220 by smtp.200.150.59.121; Tue, 31 Mar 2009 01:14:35 -0200 Message-ID: <6450icg75784OZHaaa-archive@lists.ietf.org> Date: Mon, 30 Mar 2009 22:16:35 -0500 From: "Frederick Kirk" To: "Porfirio Crump" Subject: Longines cheaper than you could imagine! Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Have you been dreaming about owning an expensive designer watch? Now you can, just without the high price tag! http://www.bothdeft.com/ At Exqu1site Reps we make it easy to get a Rolex, Cartier, Bvlgari or any brand name that you think of. As long as it is considered a high class watch, you will find it in our one of a kind store! http://www.bothdeft.com/ Only Exqu1site Reps offers you unsurpassed quality and award-winning customer service. So, what are you waiting for? From monicawatson@baiworld.com Tue Mar 31 07:32:50 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 89B3E3A6BC2; Tue, 31 Mar 2009 07:32:50 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.121 X-Spam-Level: X-Spam-Status: No, score=-1.121 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_DHCP=1.398, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_DSL=1.129, J_CHICKENPOX_42=0.6, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TE3uMKyWkm-y; Tue, 31 Mar 2009 07:32:49 -0700 (PDT) Received: from adsl196-130-0-206-196.adsl196-1.iam.net.ma (adsl196-130-0-206-196.adsl196-1.iam.net.ma [196.206.0.130]) by core3.amsl.com (Postfix) with SMTP id 2859A28C152; Tue, 31 Mar 2009 07:32:00 -0700 (PDT) X-Originating-IP: 71.181.59.206 by smtp.196.206.0.130; Tue, 31 Mar 2009 08:25:57 -0700 Message-ID: <1277gf54380HCWdhcwg-bounces@ietf.org> Date: Tue, 31 Mar 2009 10:32:57 -0500 From: "Patrice Lester" To: "Patrice Lester" Subject: One of a kind Patek Phillipe reps Content-Type: text/plain; Content-Transfer-Encoding: 7Bit It's the perfect time to get that dream watch you've fantasized about. But there's no need to empty your bank account while doing it! http://www.bardboth.com/ How does 90 percent off sound? Great, of course! And greatness is what awaits you at Diam0nd Reps, the preferred online store where you will find the finest watch imitations for exactly that: 90% off! http://www.bardboth.com/ Most experts couldn't tell our watches from the real thing, and neither will your friends, so impress them today get started with your watch shopping now! From paiyagar@vt.edu Tue Mar 31 10:39:40 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 68B513A6C86; Tue, 31 Mar 2009 10:39:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 2.843 X-Spam-Level: ** X-Spam-Status: No, score=2.843 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, J_CHICKENPOX_42=0.6, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SBL=20, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b826JuI-gh8c; Tue, 31 Mar 2009 10:39:39 -0700 (PDT) Received: from es-217-129-25-171.netvisao.pt (es-217-129-25-171.netvisao.pt [217.129.25.171]) by core3.amsl.com (Postfix) with SMTP id 433053A69F9; Tue, 31 Mar 2009 10:39:34 -0700 (PDT) X-Originating-IP: 182.181.5.18 by smtp.217.129.25.171; Tue, 31 Mar 2009 14:37:32 -0400 Message-ID: <4860tfq270EKOaaa-archive@lists.ietf.org> Date: Tue, 31 Mar 2009 13:40:32 -0500 From: "Hope Zamora" To: "Lucas Aragon" Subject: Watches for him, her and you Content-Type: text/plain; Content-Transfer-Encoding: 7Bit Loving yourself is the first step in loving life. And what better way to do it, than by getting yourself a fine designer watch? http://www.fortspot.com/ At Diam0nd Reps we specialize in fine watches imitations, offering our customers the same beauty and craftsmanship that an original carries, matched by a ridiculously low price that is sometimes hard to believe, but very much true! http://www.fortspot.com/ Only Diam0nd Reps offers you unsurpassed quality and award-winning customer service. So, what are you waiting for? From mary@americanfolkfestival.com Tue Mar 31 12:03:55 2009 Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5F37B28C186 for ; Tue, 31 Mar 2009 12:03:55 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -9.086 X-Spam-Level: X-Spam-Status: No, score=-9.086 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_DYNAMIC_SPLIT_IP=3.493, HELO_EQ_DYNAMIC=1.144, HTML_IMAGE_ONLY_28=1.561, HTML_IMAGE_RATIO_02=0.383, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tAeqmdjnKTKP for ; Tue, 31 Mar 2009 12:03:54 -0700 (PDT) Received: from 147.pool85-60-42.dynamic.orange.es (147.pool85-60-42.dynamic.orange.es [85.60.42.147]) by core3.amsl.com (Postfix) with SMTP id 9341128C190 for ; Tue, 31 Mar 2009 12:03:52 -0700 (PDT) To: Subject: World's fattest cats From: MensHealth.com MIME-Version: 1.0 Content-Type: text/html Message-Id: <20090331190353.9341128C190@core3.amsl.com> Date: Tue, 31 Mar 2009 12:03:52 -0700 (PDT)
Subscribe to Men's Health Today!



Subscribe to Men's Health Today!





To your health,


David Zinczenko
Editor-in-Chief
Subscribe to Men's Health Today!
Unsubscribe | Your Privacy Rights

2008 Rodale Inc., all rights reserved.
Customer Service Dept., 33 East Minor Street, Emmaus, PA 18098