To: Randy Bush <randy@psg.com>
Cc: dns op wg <dnsop@cafax.se>
From: Harald Tveit Alvestrand <Harald@Alvestrand.no>
Date: Sun, 05 Dec 1999 23:42:47 +0100
In-Reply-To: <E11ujqV-0001lQ-00@rip.psg.com>
Sender: owner-dnsop@cafax.se
Subject: Re: Last WG call for draft-ietf-dnsop-root-opreq-02.txt.

At 14:09 05.12.99 -0800, Randy Bush wrote:
> > and of course, the decision on this is ultimately taken by the people
> > responsible for the master root name server, unlike most of the rest of
> > the doc, where all the root name server operators have to make decisions.
>
>actually, i could easily see different operators using different oob
>channels, a paranoid operator using more than one channel, ...
>
>but yes, the draft wording assumes operators have a general concept of 'out
>of band' data exchange. i just feared wording such as "a method other than
>those of the dns protocols, e.g. axfr, ixfr, etc." was as much, or more, of
>a rathole as assuming "oob" was an understood term.
>
>i probably am forgetting something significant in some relevant document,
>but how is end of line encoded in a zone file? if one is to compare hashes,
>either the hash must ignore line ends (which might offer a security
>vulnerability) or there must be a common understanding of the value of a
>line end.

If using email, I'd suggest sending a complete zone file and signing it.
Sidesteps the issue by pushing it down to the MIME level.

Apart from that, see the Content-MD5 RFC (RFC 1864) for some discussion and
a possible way to do it (mandate CRLF *for calculating the checksum*).

Harald

--
Harald Tveit Alvestrand, EDB Maxware, Norway
Harald.Alvestrand@edb.maxware.no
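
Added example, not part of the original message or of the draft: a Python sketch of the two options discussed above, hashing a zone file after rewriting every line end as CRLF (the rule RFC 1864 applies when calculating Content-MD5) versus hashing with line ends ignored. The function names and the zone fragments are constructed for illustration.

```python
import base64
import hashlib
import re

# Matches CRLF first, so a CRLF pair is never treated as two line ends.
_LINE_END = re.compile(rb"\r\n|\r|\n")

def canonicalize(data: bytes) -> bytes:
    """Rewrite every line end (CRLF, lone CR, lone LF) as CRLF."""
    return _LINE_END.sub(b"\r\n", data)

def content_md5(data: bytes) -> str:
    """Base64 MD5 of the CRLF-canonical form, the encoding RFC 1864 uses."""
    digest = hashlib.md5(canonicalize(data)).digest()
    return base64.b64encode(digest).decode("ascii")

def digest_ignoring_line_ends(data: bytes) -> str:
    """The alternative raised in the thread: drop line ends before hashing."""
    return hashlib.md5(_LINE_END.sub(b"", data)).hexdigest()

# Constructed zone fragments using documentation addresses (192.0.2.0/24).
# The same records as written by a Unix host and by a host that emits CRLF:
ZONE_LF = b"www A 192.0.2.1\nftp A 192.0.2.2\n"
ZONE_CRLF = b"www A 192.0.2.1\r\nftp A 192.0.2.2\r\n"
# Two different record sets whose bytes differ only in where the line breaks:
SPLIT_A = b"www A 192.0.2.1\n0 A 192.0.2.2\n"    # www -> .1, owner "0" -> .2
SPLIT_B = b"www A 192.0.2.10\n A 192.0.2.2\n"    # www -> .10 and www -> .2

def compare() -> dict:
    """Report which pairs of files each hashing rule treats as identical."""
    return {
        "same_zone_raw": hashlib.md5(ZONE_LF).digest()
                         == hashlib.md5(ZONE_CRLF).digest(),
        "same_zone_canonical": content_md5(ZONE_LF) == content_md5(ZONE_CRLF),
        "different_zones_ignoring_eol": digest_ignoring_line_ends(SPLIT_A)
                                        == digest_ignoring_line_ends(SPLIT_B),
        "different_zones_canonical": content_md5(SPLIT_A) == content_md5(SPLIT_B),
    }

if __name__ == "__main__":
    for name, equal in compare().items():
        print(f"{name}: {'match' if equal else 'differ'}")
```

With CRLF canonicalization the two encodings of one zone agree and the two different record sets do not; with line ends ignored, the two different record sets hash alike.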