Re: [dnsext] Practical question about backwards compatibility and new proposals
Florian Weimer <fweimer@bfk.de> Fri, 17 September 2010 08:49 UTC
Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 36E723A6BE6; Fri, 17 Sep 2010 01:49:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.431
X-Spam-Level:
X-Spam-Status: No, score=-0.431 tagged_above=-999 required=5 tests=[AWL=1.818, BAYES_00=-2.599, HELO_EQ_DE=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WhKELISOnTur; Fri, 17 Sep 2010 01:49:25 -0700 (PDT)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 921F03A688A; Fri, 17 Sep 2010 01:49:24 -0700 (PDT)
Received: from majordom by psg.com with local (Exim 4.72 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1OwWXW-000Ljr-Tm for namedroppers-data0@psg.com; Fri, 17 Sep 2010 08:43:26 +0000
Received: from mx01.bfk.de ([193.227.124.2]) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.72 (FreeBSD)) (envelope-from <fweimer@bfk.de>) id 1OwWXU-000Lj1-6H for namedroppers@ops.ietf.org; Fri, 17 Sep 2010 08:43:24 +0000
Received: from mx00.int.bfk.de ([10.119.110.2]) by mx01.bfk.de with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) id 1OwWXN-0007MS-FR; Fri, 17 Sep 2010 08:43:17 +0000
Received: by bfk.de with local id 1OwWXM-0002ka-Ln; Fri, 17 Sep 2010 08:43:16 +0000
To: Andras Gustafsson <gson@araneus.fi>
Cc: Brian Dickson <brian.peter.dickson@gmail.com>, namedroppers@ops.ietf.org
Subject: Re: [dnsext] Practical question about backwards compatibility and new proposals
References: <AANLkTi=8Q-QZJo4Js_tUEg_WK0wDPv2rEumvMp+QfTeG@mail.gmail.com> <19601.50451.243072.792474@guava.gson.org>
From: Florian Weimer <fweimer@bfk.de>
Date: Fri, 17 Sep 2010 08:43:16 +0000
In-Reply-To: <19601.50451.243072.792474@guava.gson.org> (Andras Gustafsson's message of "Thu\, 16 Sep 2010 10\:19\:47 +0300")
Message-ID: <82y6b0wyjf.fsf@mid.bfk.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>
List-Unsubscribe: To unsubscribe send a message to namedroppers-request@ops.ietf.org with
List-Unsubscribe: the word 'unsubscribe' in a single line as the message text body.
List-Archive: <http://ops.ietf.org/lists/namedroppers/>
* Andras Gustafsson: > RFC 3597 deals with unknown types, but I don't think the treatment > of unexpected RRs is currently specified anywhere. Existing > implementations tend to ignore them when they occur in the answer > section of a response, and may or may not cache them when they occur > in the additional section depending on spoofing defense strategy. Quite apparently, implementations which do not implement DNSSECbis and still set the DO bit in queries (because they implement DNSSEC) ignore the RRSIG records in the answer, authority, and additional sections of responses. I don't think other RRs would receive different treatment, provided that the DO bit is set in the query. -- Florian Weimer <fweimer@bfk.de> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99
- [dnsext] Practical question about backwards compa… Brian Dickson
- Re: [dnsext] Practical question about backwards c… Andras Gustafsson
- Re: [dnsext] Practical question about backwards c… Brian Dickson
- Re: [dnsext] Practical question about backwards c… Florian Weimer
- Re: [dnsext] Practical question about backwards c… Andreas Gustafsson