[BEHAVE] [Technical Errata Reported] RFC6147 (3236)
RFC Errata System <rfc-editor@rfc-editor.org> Thu, 31 May 2012 00:49 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: behave@ietfa.amsl.com
Delivered-To: behave@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F19E11E812C for <behave@ietfa.amsl.com>; Wed, 30 May 2012 17:49:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.462
X-Spam-Level:
X-Spam-Status: No, score=-102.462 tagged_above=-999 required=5 tests=[AWL=0.138, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZtqApMJNOgkt for <behave@ietfa.amsl.com>; Wed, 30 May 2012 17:49:36 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [IPv6:2001:1890:123a::1:2f]) by ietfa.amsl.com (Postfix) with ESMTP id 2621D11E80D5 for <behave@ietf.org>; Wed, 30 May 2012 17:49:36 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id CB703621A0; Wed, 30 May 2012 17:48:55 -0700 (PDT)
To: marcelo@it.uc3m.es, ajs@shinkuro.com, philip_matthews@magma.ca, iljitsch@muada.com, wes@mti-systems.com, martin.stiemerling@neclab.eu, dwing@cisco.com, dthaler@microsoft.com
From: RFC Errata System <rfc-editor@rfc-editor.org>
Message-Id: <20120531004855.CB703621A0@rfc-editor.org>
Date: Wed, 30 May 2012 17:48:55 -0700
Cc: behave@ietf.org, marka@isc.org, rfc-editor@rfc-editor.org
Subject: [BEHAVE] [Technical Errata Reported] RFC6147 (3236)
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 May 2012 00:49:36 -0000
The following errata report has been submitted for RFC6147, "DNS64: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers". -------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=6147&eid=3236 -------------------------------------- Type: Technical Reported by: Mark Andrews <marka@isc.org> Section: 5.5 Original Text ------------- An application that wants to perform validation on its own should use the CD bit. Corrected Text -------------- Section 5.5 needs to be completely re analysed, Notes ----- Section 5.5 is written around the assumption that a validating stub resolver will be setting CD=1 as well as DO=1. There is no such requirement RFC 4035 and in fact setting both CD=1 and DO=1 leaves the stub resolver vulnerable to answers from authoritative servers for the zone that are serving a stale copy of the zone and spoofed answers being sent to the DNS64 server. Non CD=1 queries result in the DNS64 server in its recursive roll, filtering out, cryptographically bad answers. DO=1 alone should disable synthesis. Instructions: ------------- This errata is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party (IESG) can log in to change the status and edit the report, if necessary. -------------------------------------- RFC6147 (draft-ietf-behave-dns64-11) -------------------------------------- Title : DNS64: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers Publication Date : April 2011 Author(s) : M. Bagnulo, A. Sullivan, P. Matthews, I. van Beijnum Category : PROPOSED STANDARD Source : Behavior Engineering for Hindrance Avoidance Area : Transport Stream : IETF Verifying Party : IESG