IETF Logo Mail Archive

Re: Additional filtering of responses

Tony Finch <dot@dotat.at> Thu, 07 August 2008 17:34 UTC

Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 135023A6C24; Thu, 7 Aug 2008 10:34:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.63
X-Spam-Level:
X-Spam-Status: No, score=-4.63 tagged_above=-999 required=5 tests=[AWL=-1.331, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JBRHylUttYBE; Thu, 7 Aug 2008 10:34:10 -0700 (PDT)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 279953A6C21; Thu, 7 Aug 2008 10:34:10 -0700 (PDT)
Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1KR9JV-000GbF-R4 for namedroppers-data@psg.com; Thu, 07 Aug 2008 17:30:13 +0000
Received: from [131.111.8.132] (helo=ppsw-2.csi.cam.ac.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from <fanf2@hermes.cam.ac.uk>) id 1KR9JO-000GaW-Cm for namedroppers@ops.ietf.org; Thu, 07 Aug 2008 17:30:08 +0000
X-Cam-AntiVirus: no malware found
X-Cam-SpamDetails: not scanned
X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
Received: from hermes-1.csi.cam.ac.uk ([131.111.8.51]:35783) by ppsw-2.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.152]:25) with esmtpa (EXTERNAL:fanf2) id 1KR9JG-0000F2-7f (Exim 4.70) (return-path <fanf2@hermes.cam.ac.uk>); Thu, 07 Aug 2008 18:29:58 +0100
Received: from fanf2 (helo=localhost) by hermes-1.csi.cam.ac.uk (hermes.cam.ac.uk) with local-esmtp id 1KR9JG-0006ZY-BQ (Exim 4.67) (return-path <fanf2@hermes.cam.ac.uk>); Thu, 07 Aug 2008 18:29:58 +0100
Date: Thu, 07 Aug 2008 18:29:58 +0100
From: Tony Finch <dot@dotat.at>
X-X-Sender: fanf2@hermes-1.csi.cam.ac.uk
To: Paul Vixie <vixie@isc.org>
cc: Wouter Wijngaards <wouter@NLnetLabs.nl>, Namedroppers <namedroppers@ops.ietf.org>
Subject: Re: Additional filtering of responses
In-Reply-To: <45759.1218122552@nsa.vix.com>
Message-ID: <alpine.LSU.1.10.0808071822550.18980@hermes-1.csi.cam.ac.uk>
References: <489AD5E3.20708@nlnetlabs.nl> <45759.1218122552@nsa.vix.com>
User-Agent: Alpine 1.10 (LSU 962 2008-03-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>

On Thu, 7 Aug 2008, Paul Vixie wrote:
>
> first, we should not send, or if we receive, we should not cache or forward,
> anything in the additional section that could be found using a new query.
> this rules out all records except those referred to by NS RRs in an authority
> or answer section, whose target names are at-or-below the NS RR owner name.
>
> second, use these "glue" records only when trying to reach these nameservers,
> or when answering questions or sending referrals about these nameservers.  do
> not use them in answer sections, nor as additional data for MX or SRV or any
> other purpose.  if needed for such "other purpose", go fetch them normally.

Also, these glue records (both authority and additional) should be ignored
if they are already in the cache.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
CROMARTY FORTH TYNE: NORTHERLY 5 OR 6, BECOMING VARIABLE 3 OR 4 LATER.
MODERATE OR ROUGH. RAIN OR SHOWERS THEN MAINLY FAIR. MODERATE OR GOOD,
OCCASIONALLY POOR AT FIRST.

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

v2.23.0 | Report a Bug | By Email