Corey, On Wed, Jul 5, 2023 at 2:47 PM Corey Bonnell via dnsdir wrote: > Hi Tim, > Thank you for your review. Comments inline. > > > This is a very minor nit, but when I was validating the ABNF, I realized > the proper order should have these two first > > My preference would be to keep the grammar as-is, for two reasons: > > 1. The current grammar is identical to that in RFC 8659 and reordering > them would introduce a deviation between the two documents. > 2. While entirely reasonable that production rules should be defined prior > to being used, I don't believe that RFC 5234 provides any guidance > regarding the relative ordering of production rules. > No this makes sense, I did not look at 8659 so bad on me. I also was thinking I should just hack up 'bap' to not throw the errors. > > However, I'd be happy to change the ordering if there are strong feelings > that this should be changed. > > > malformed.client.example CAA 0 issuemail "authority.example; > %%%%%" > > If I read this correctly, the entire record is ignored. Is this true? > > The record isn't ignored, but rather treated as if it contains an empty > issuer-domain-name. In the absence of any other issuemail records in the > RRSet, this would be interpreted as a prohibition on issuance. > Okay, so any part of a record the CA fails to parse the issuer-domain-name is set to be the empty string (for that CAA record). thanks and going over the text again also shows that. then we should be good thanks tim Thanks, > Corey > > -----Original Message----- > From: Tim Wicinski via Datatracker > Sent: Saturday, July 1, 2023 5:51 PM > To: dnsdir@ietf.org > Cc: draft-ietf-lamps-caa-issuemail.all@ietf.org; last-call@ietf.org; > spasm@ietf.org > Subject: Dnsdir last call review of draft-ietf-lamps-caa-issuemail-04 > > Reviewer: Tim Wicinski > Review result: Ready with Nits > > > Reviewer: Tim Wicinski > Review result: Ready with Nits > > I have been selected as the DNS Directorate reviewer for this draft. The > DNS Directorate seeks to review all DNS or DNS-related drafts as they pass > through IETF last call and IESG review, and sometimes on special request. > The purpose of the review is to provide assistance to the ADs. > For more information about the DNS Directorate, please see > https://wiki.ietf.org/en/group/dnsdir > > > I find the document well written, and easy to understand. I have a few > minor nits. > > > This is a very minor nit, but when I was validating the ABNF, I realized > the proper order should have these two first: > > label = (ALPHA / DIGIT) *( *("-") (ALPHA / DIGIT)) > > issuer-domain-name = label *("." label) > > Like I said, very minor. (according to bap) > > > > A question on malformed parameters (Section 4): > The text says this: > > However, parameters that do not conform to the ABNF syntax as defined > in Section 3 will result in the issuemail-value being not conformant > with the ABNF syntax. As stated above, a Property whose issuemail- > value is malformed SHALL be treated as if the issuer-domain-name in > the issuemail-value is the empty string. > > And you have this example of a malformed property. > > malformed.client.example CAA 0 issuemail "%%%%%" > > > But what happens if this is the record? > > malformed.client.example CAA 0 issuemail "authority.example; %%%%%" > > If I read this correctly, the entire record is ignored. Is this true? > > > > -- > dnsdir mailing list > dnsdir@ietf.org > https://www.ietf.org/mailman/listinfo/dnsdir >