Re: [dnsext] Fwd: djb on NXDOMAIN/NODATA for non-terminals

Edward Lewis <Ed.Lewis@neustar.biz> Tue, 29 March 2011 16:05 UTC

Return-Path: <Ed.Lewis@neustar.biz>
X-Original-To: dnsext@core3.amsl.com
Delivered-To: dnsext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C03A83A68BF for <dnsext@core3.amsl.com>; Tue, 29 Mar 2011 09:05:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.577
X-Spam-Level:
X-Spam-Status: No, score=-102.577 tagged_above=-999 required=5 tests=[AWL=0.022, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D59-Ced70qni for <dnsext@core3.amsl.com>; Tue, 29 Mar 2011 09:05:30 -0700 (PDT)
Received: from stora.ogud.com (stora.ogud.com [66.92.146.20]) by core3.amsl.com (Postfix) with ESMTP id C884A3A6862 for <dnsext@ietf.org>; Tue, 29 Mar 2011 09:05:29 -0700 (PDT)
Received: from Work-Laptop-2.local (gatt.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.4/8.14.4) with ESMTP id p2TG74ZZ065605; Tue, 29 Mar 2011 12:07:04 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz)
Received: from [10.31.200.119] by Work-Laptop-2.local (PGP Universal service); Tue, 29 Mar 2011 12:07:05 -0400
X-PGP-Universal: processed; by Work-Laptop-2.local on Tue, 29 Mar 2011 12:07:05 -0400
Mime-Version: 1.0
Message-Id: <a06240805c9b7b0159a9e@[10.31.200.119]>
In-Reply-To: <84978.1301403827@nsa.vix.com>
References: <AANLkTimCZVyag8+Pv8zJsah2B-C=h3bPJ=DNVVo3agLc@mail.gmail.com> <34319.1301351478@nsa.vix.com> <BANLkTikkx4ndK3TpByptuRdtPGuFztm2yA@mail.gmail.com> <65033.1301383238@nsa.vix.com> <82ei5qz3bi.fsf@mid.bfk.de> <84978.1301403827@nsa.vix.com>
Date: Tue, 29 Mar 2011 11:57:43 -0400
To: Paul Vixie <vixie@isc.org>
From: Edward Lewis <Ed.Lewis@neustar.biz>
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
X-Scanned-By: MIMEDefang 2.68 on 10.20.30.4
Cc: dnsext@ietf.org
Subject: Re: [dnsext] Fwd: djb on NXDOMAIN/NODATA for non-terminals
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Mar 2011 16:05:30 -0000

At 13:03 +0000 3/29/11, Paul Vixie wrote:

>and that someone get working on an aggressive negative caching proposal?

In other threads I've made statements that lead me to say "no" 
because I've come to believe aggressive negative caching is in 
general not a good idea.

I think being aggressive with NXDOMAIN is workable, though.  Even if 
the NSEC/3's "clip" down the ranges they cover, there is no harm to 
the authority.  This is nothing different from what we already have 
in RFC 2308 though.

There are plenty of things caches can do to be more aggressive in the 
positive space, like pre-fetching, being more energetic in trying to 
validate a response, etc.
-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis
NeuStar                    You can leave a voice message at +1-571-434-5468

Me to infant son: "Waah! Waah! Is that all you can say?  Waah?"
Son: "Waah!"