Re: [BEHAVE] auth48 changes to draft-ietf-behave-dns64
"Dan Wing" <dwing@cisco.com> Thu, 31 March 2011 12:27 UTC
Return-Path: <dwing@cisco.com>
X-Original-To: behave@core3.amsl.com
Delivered-To: behave@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 861DF28C12D; Thu, 31 Mar 2011 05:27:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.364
X-Spam-Level:
X-Spam-Status: No, score=-110.364 tagged_above=-999 required=5 tests=[AWL=0.235, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yPRdqZ3Kd85B; Thu, 31 Mar 2011 05:27:55 -0700 (PDT)
Received: from sj-iport-3.cisco.com (sj-iport-3.cisco.com [171.71.176.72]) by core3.amsl.com (Postfix) with ESMTP id 64EAC3A6966; Thu, 31 Mar 2011 05:27:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=dwing@cisco.com; l=5018; q=dns/txt; s=iport; t=1301574575; x=1302784175; h=from:to:cc:references:in-reply-to:subject:date: message-id:mime-version:content-transfer-encoding; bh=fsCcV0aNuiGf1Q5qhG126QxED+MVuqx2STmLBaDpZjQ=; b=KPjTTh6QxgWQQo6BXzVu+z+FyNu0gWm1VUU+nUdmMWZCylgTWdXtn7Nj uM204XEv2exNr/zh8TIfmAaTmh+AieF3I33o0Wsby0NbPQ2r+bA0d+di0 b2XBdH8tGM54vzfF+/tWDBoVtVofGovIfRWyKO+4FnMQ+0CaX+tFxmDbt 0=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ah8BAJNylE2tJXG9/2dsb2JhbACYDYFji113iHmZYZwUhWsE
X-IronPort-AV: E=Sophos;i="4.63,275,1299456000"; d="scan'208";a="286494139"
Received: from rcdn-core2-2.cisco.com ([173.37.113.189]) by sj-iport-3.cisco.com with ESMTP; 31 Mar 2011 12:29:34 +0000
Received: from dwingWS (rtp-vpn6-995.cisco.com [10.82.251.230]) by rcdn-core2-2.cisco.com (8.14.3/8.14.3) with ESMTP id p2VCTWiQ031628; Thu, 31 Mar 2011 12:29:32 GMT
From: Dan Wing <dwing@cisco.com>
To: 'Dmitry Anipko' <Dmitry.Anipko@microsoft.com>, 'Jari Arkko' <jari.arkko@piuha.net>, behave@ietf.org
References: <041d01cbedf1$329be590$97d3b0b0$@com> <4D91DE99.20206@piuha.net> <DD1A73D9E9C89144A927C5080F70285A015E3DE9B727@NA-EXMSG-S702.segroup.winse.corp.microsoft.com>
In-Reply-To: <DD1A73D9E9C89144A927C5080F70285A015E3DE9B727@NA-EXMSG-S702.segroup.winse.corp.microsoft.com>
Date: Thu, 31 Mar 2011 14:29:32 +0200
Message-ID: <009b01cbef9f$4aacd3b0$e0067b10$@com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcvuFVJ7m6zL2unxS86JVDByZkBUEgAJdQ+AAFj8YYA=
Content-Language: en-us
Cc: ietf@ietf.org, 'David Harrington' <ietfdbh@comcast.net>, behave-chairs@tools.ietf.org, draft-ietf-behave-dns64@tools.ietf.org
Subject: Re: [BEHAVE] auth48 changes to draft-ietf-behave-dns64
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Mar 2011 12:27:56 -0000
> -----Original Message----- > From: ietf-bounces@ietf.org [mailto:ietf-bounces@ietf.org] On Behalf Of > Dmitry Anipko > Sent: Tuesday, March 29, 2011 8:07 PM > To: Jari Arkko; behave@ietf.org > Cc: 'David Harrington'; behave-chairs@tools.ietf.org; draft-ietf- > behave-dns64@tools.ietf.org; ietf@ietf.org > Subject: RE: [BEHAVE] auth48 changes to draft-ietf-behave-dns64 > > Hi, > > I have a question about the particular part of the suggested diff. The > diff says: > > >>Alternatively, *if configured to do so*, it MAY treat the answer > as... > > Does the part marked with stars imply that an implementation must > support such configuration setting, or the support of such > configuration setting is also covered by the following MAY? I would interpret as support of such configuration setting as covered by the following MAY. -d > Thank you, > Dmitry > > -----Original Message----- > From: behave-bounces@ietf.org [mailto:behave-bounces@ietf.org] On > Behalf Of Jari Arkko > Sent: Tuesday, March 29, 2011 6:29 AM > To: behave@ietf.org > Cc: behave-chairs@tools.ietf.org; 'David Harrington'; ietf@ietf.org; > draft-ietf-behave-dns64@tools.ietf.org > Subject: Re: [BEHAVE] auth48 changes to draft-ietf-behave-dns64 > > I'm OK with these changes. > > Jari > > Dan Wing kirjoitti: > > During auth48 of draft-ietf-behave-dns64-11.txt, it was realized that > > two sections were not consistent. > > > > The text in Section 5.1.1 is clear: > > > > If there is (non-excluded) AAAA data available, DNS64 > > SHOULD NOT include synthetic AAAA RRs in the response (see > Appendix A > > for an analysis of the motivations for and the implications of not > > complying with this recommendation). By default, DNS64 > > implementations MUST NOT synthesize AAAA RRs when real AAAA RRs > > exist > > > > That is, SHOULD NOT in the general case, and MUST NOT as a default > case. > > This represents WG consensus. > > > > > > But then 5.1.4 says something slightly different: > > > > If it receives an answer with at > > least one AAAA record containing an address outside any of the > > excluded range(s), then it MAY build an answer section for a > response > > including only the AAAA record(s) that do not contain any of the > > addresses inside the excluded ranges. That answer section is used > in > > the assembly of a response as detailed in Section 5.4. > > Alternatively, it MAY treat the answer as though it were an empty > > answer, and proceed accordingly. It MUST NOT return the offending > > AAAA records as part of a response. > > > > It seems rather self-defeating to have excluded ranges and then > > ignore those. Then the only issue is: if there are both an > > excluded AAAA record and a non-excluded one, the above says you > > can either return the good one, or not return any AAAA records. > > > > The proposal is to change the "MAY build an answer section" in 5.1.4 > > to "by default MUST build an answer section", so it would read as > > follows. The critical changes are highlighted with "^": > > > > When the DNS64 performs its initial AAAA query, if it receives an > > answer with only AAAA records containing addresses in the excluded > > range(s), then it MUST treat the answer as though it were an empty > > .....................^^^^ > > answer, and proceed accordingly. If it receives an answer with at > > least one AAAA record containing an address outside any of the > > excluded range(s), then it by default SHOULD build an answer > section > > .................................^^^^^^^^^^^^^^ > > for a response including only the AAAA record(s) that do not > contain > > any of the addresses inside the excluded ranges. That answer > section > > is used in the assembly of a response as detailed in Section 5.4. > > Alternatively, it MAY treat the answer as though it were an empty > > answer, and proceed accordingly. It MUST NOT return the offending > > AAAA records as part of a response. > > > > We believe this is in line with the WG consensus in section 5.1.1. > > > > > > The updated files are here: > > http://www.rfc-editor.org/authors/rfc6147.txt > > http://www.rfc-editor.org/authors/rfc6147.xml > > http://www.rfc-editor.org/authors/rfc6147-diff.html > > > > > > We are soliciting feedback for this change until noon (Prague time) > > on Friday, April 1. Please send feedback to behave@ietf.org. > > > > -d > > > > > > _______________________________________________ > > Ietf mailing list > > Ietf@ietf.org > > https://www.ietf.org/mailman/listinfo/ietf > > > > > > _______________________________________________ > Behave mailing list > Behave@ietf.org > https://www.ietf.org/mailman/listinfo/behave > > _______________________________________________ > Ietf mailing list > Ietf@ietf.org > https://www.ietf.org/mailman/listinfo/ietf