To: Randy Bush <randy@psg.com>
Cc: dns op wg <dnsop@cafax.se>
From: Harald Tveit Alvestrand <Harald@Alvestrand.no>
Date: Sun, 05 Dec 1999 23:42:47 +0100
In-Reply-To: <E11ujqV-0001lQ-00@rip.psg.com>
Sender: owner-dnsop@cafax.se
Subject: Re: Last WG call for draft-ietf-dnsop-root-opreq-02.txt.

At 14:09 05.12.99 -0800, Randy Bush wrote:
> > and of course, the decision on this is ultimately taken by the people
> > responsible for the master root name server, unlike most of the rest of
> > the doc, where all the root name server operators have to make decisions.
>
>actually, i could easily see different operators using different oob
>channels, a paranoid operator using more than one channel, ...
>
>but yes, the draft wording assumes operators have a general concept of 'out
>of band' data exchange. i just feared wording such as "a method other than
>those of the dns protocols, e.g. axfr, ixfr, etc." was as much, or more, of
>a rathole as assuming "oob" was an understood term.
>
>i probably am forgetting something significant in some relevant document,
>but how is end of line encoded in a zone file? if one is to compare hashes,
>either the hash must ignore line ends (which might offer a security
>vulnerability) or there must be a common understanding of the value of a
>line end.

If using email, I'd suggest sending a complete zone file and signing it.
Sidesteps the issue by pushing it down to the MIME level.

Apart from that, see the Content-MD5 RFC (RFC 1864) for some discussion and
a possible way to do it (mandate CRLF *for calculating the checksum*).

Harald
--
Harald Tveit Alvestrand, EDB Maxware, Norway
Harald.Alvestrand@edb.maxware.no
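
The line-end question raised in this thread, as an added example that is not part of the original message or of the draft: it compares a hash over the raw bytes, a hash over a CRLF-canonical form (the rule RFC 1864 applies when calculating its checksum), and a hash that ignores line ends. SHA-256 is swapped in for MD5, and the zone fragments and function names are constructed for illustration.

```python
import hashlib

# Constructed sample data (not from the thread): one zone fragment saved with
# LF and with CRLF line ends, plus a different fragment whose bytes are
# identical to the first once every line end is removed.
ZONE_LF = b"www 3600 IN A 192.0.2.1\n0 3600 IN A 192.0.2.2\n"
ZONE_CRLF = ZONE_LF.replace(b"\n", b"\r\n")
ZONE_ALTERED = b"www 3600 IN A 192.0.2.10\n 3600 IN A 192.0.2.2\n"


def canonical_crlf(data: bytes) -> bytes:
    """Rewrite every line end (CRLF, lone CR, lone LF) as CRLF."""
    unified = data.replace(b"\r\n", b"\n").replace(b"\r", b"\n")
    return unified.replace(b"\n", b"\r\n")


def digest_raw(data: bytes) -> str:
    """Hash the bytes exactly as stored; sensitive to the platform's line end."""
    return hashlib.sha256(data).hexdigest()


def digest_canonical(data: bytes) -> str:
    """Hash the CRLF-canonical form; line breaks still count, in one agreed encoding."""
    return hashlib.sha256(canonical_crlf(data)).hexdigest()


def digest_ignoring_line_ends(data: bytes) -> str:
    """Hash with all CR/LF bytes dropped; record boundaries no longer count."""
    stripped = data.replace(b"\r", b"").replace(b"\n", b"")
    return hashlib.sha256(stripped).hexdigest()


def compare() -> dict:
    """Summarise how each hashing rule treats the three sample files."""
    return {
        "raw: LF copy matches CRLF copy":
            digest_raw(ZONE_LF) == digest_raw(ZONE_CRLF),
        "canonical: LF copy matches CRLF copy":
            digest_canonical(ZONE_LF) == digest_canonical(ZONE_CRLF),
        "ignore line ends: altered zone matches original":
            digest_ignoring_line_ends(ZONE_LF) == digest_ignoring_line_ends(ZONE_ALTERED),
        "canonical: altered zone matches original":
            digest_canonical(ZONE_LF) == digest_canonical(ZONE_ALTERED),
    }


if __name__ == "__main__":
    for check, result in compare().items():
        print(f"{check}: {result}")
```

In ZONE_ALTERED the second record has a blank owner field and so inherits `www`, which makes it a different zone that only the line-end-ignoring hash fails to distinguish.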