Re: [BEHAVE] auth48 changes to draft-ietf-behave-dns64
Jari Arkko <jari.arkko@piuha.net> Tue, 29 March 2011 13:27 UTC
Return-Path: <jari.arkko@piuha.net>
X-Original-To: behave@core3.amsl.com
Delivered-To: behave@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7E8713A683A; Tue, 29 Mar 2011 06:27:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.527
X-Spam-Level:
X-Spam-Status: No, score=-102.527 tagged_above=-999 required=5 tests=[AWL=0.072, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MBrCiW-NtCUt; Tue, 29 Mar 2011 06:27:27 -0700 (PDT)
Received: from p130.piuha.net (p130.piuha.net [IPv6:2001:14b8:400::130]) by core3.amsl.com (Postfix) with ESMTP id 4DA1D3A6824; Tue, 29 Mar 2011 06:27:25 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by p130.piuha.net (Postfix) with ESMTP id 0B7462CC39; Tue, 29 Mar 2011 16:28:59 +0300 (EEST)
X-Virus-Scanned: amavisd-new at piuha.net
Received: from p130.piuha.net ([127.0.0.1]) by localhost (p130.piuha.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pxX7+Lgv6rTP; Tue, 29 Mar 2011 16:28:58 +0300 (EEST)
Received: from [IPv6:::1] (unknown [IPv6:2001:14b8:400::130]) by p130.piuha.net (Postfix) with ESMTP id D70A72CC2F; Tue, 29 Mar 2011 16:28:57 +0300 (EEST)
Message-ID: <4D91DE99.20206@piuha.net>
Date: Tue, 29 Mar 2011 15:28:57 +0200
From: Jari Arkko <jari.arkko@piuha.net>
User-Agent: Thunderbird 2.0.0.24 (X11/20101027)
MIME-Version: 1.0
To: behave@ietf.org
References: <041d01cbedf1$329be590$97d3b0b0$@com>
In-Reply-To: <041d01cbedf1$329be590$97d3b0b0$@com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: behave-chairs@tools.ietf.org, 'David Harrington' <ietfdbh@comcast.net>, ietf@ietf.org, draft-ietf-behave-dns64@tools.ietf.org
Subject: Re: [BEHAVE] auth48 changes to draft-ietf-behave-dns64
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Mar 2011 13:27:32 -0000
I'm OK with these changes. Jari Dan Wing kirjoitti: > During auth48 of draft-ietf-behave-dns64-11.txt, it was realized that > two sections were not consistent. > > The text in Section 5.1.1 is clear: > > If there is (non-excluded) AAAA data available, DNS64 > SHOULD NOT include synthetic AAAA RRs in the response (see Appendix A > for an analysis of the motivations for and the implications of not > complying with this recommendation). By default, DNS64 > implementations MUST NOT synthesize AAAA RRs when real AAAA RRs > exist > > That is, SHOULD NOT in the general case, and MUST NOT as a default case. > This represents WG consensus. > > > But then 5.1.4 says something slightly different: > > If it receives an answer with at > least one AAAA record containing an address outside any of the > excluded range(s), then it MAY build an answer section for a response > including only the AAAA record(s) that do not contain any of the > addresses inside the excluded ranges. That answer section is used in > the assembly of a response as detailed in Section 5.4. > Alternatively, it MAY treat the answer as though it were an empty > answer, and proceed accordingly. It MUST NOT return the offending > AAAA records as part of a response. > > It seems rather self-defeating to have excluded ranges and then > ignore those. Then the only issue is: if there are both an > excluded AAAA record and a non-excluded one, the above says you > can either return the good one, or not return any AAAA records. > > The proposal is to change the "MAY build an answer section" in 5.1.4 > to "by default MUST build an answer section", so it would read as > follows. The critical changes are highlighted with "^": > > When the DNS64 performs its initial AAAA query, if it receives an > answer with only AAAA records containing addresses in the excluded > range(s), then it MUST treat the answer as though it were an empty > .....................^^^^ > answer, and proceed accordingly. If it receives an answer with at > least one AAAA record containing an address outside any of the > excluded range(s), then it by default SHOULD build an answer section > .................................^^^^^^^^^^^^^^ > for a response including only the AAAA record(s) that do not contain > any of the addresses inside the excluded ranges. That answer section > is used in the assembly of a response as detailed in Section 5.4. > Alternatively, it MAY treat the answer as though it were an empty > answer, and proceed accordingly. It MUST NOT return the offending > AAAA records as part of a response. > > We believe this is in line with the WG consensus in section 5.1.1. > > > The updated files are here: > http://www.rfc-editor.org/authors/rfc6147.txt > http://www.rfc-editor.org/authors/rfc6147.xml > http://www.rfc-editor.org/authors/rfc6147-diff.html > > > We are soliciting feedback for this change until noon (Prague time) > on Friday, April 1. Please send feedback to behave@ietf.org. > > -d > > > _______________________________________________ > Ietf mailing list > Ietf@ietf.org > https://www.ietf.org/mailman/listinfo/ietf > >