Re: [dnsext] zone cut semantics
Jay Ashworth <jra@baylink.com> Mon, 21 February 2011 01:43 UTC
Return-Path: <jra@baylink.com>
X-Original-To: dnsext@core3.amsl.com
Delivered-To: dnsext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C8DCE3A6F7A for <dnsext@core3.amsl.com>; Sun, 20 Feb 2011 17:43:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.842
X-Spam-Level:
X-Spam-Status: No, score=-1.842 tagged_above=-999 required=5 tests=[AWL=-0.108, BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, RDNS_DYNAMIC=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0GIm4fUOM-51 for <dnsext@core3.amsl.com>; Sun, 20 Feb 2011 17:43:28 -0800 (PST)
Received: from benjamin.baylink.com (rrcs-24-129-180-187.se.biz.rr.com [24.129.180.187]) by core3.amsl.com (Postfix) with ESMTP id 9AF833A6EAC for <dnsext@ietf.org>; Sun, 20 Feb 2011 17:43:27 -0800 (PST)
Received: from localhost (localhost.localdomain [127.0.0.1]) by benjamin.baylink.com (Postfix) with ESMTP id DD7091F0012D for <dnsext@ietf.org>; Sun, 20 Feb 2011 20:44:18 -0500 (EST)
X-Virus-Scanned: amavisd-new at benjamin.baylink.com
Received: from benjamin.baylink.com ([127.0.0.1]) by localhost (benjamin.baylink.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ylVgjGjM3YLz for <dnsext@ietf.org>; Sun, 20 Feb 2011 20:44:15 -0500 (EST)
Received: from benjamin.baylink.com (benjamin.baylink.com [192.168.253.10]) by benjamin.baylink.com (Postfix) with ESMTP id A40881F00121 for <dnsext@ietf.org>; Sun, 20 Feb 2011 20:44:15 -0500 (EST)
Date: Sun, 20 Feb 2011 20:44:15 -0500
From: Jay Ashworth <jra@baylink.com>
To: dnsext@ietf.org
Message-ID: <32361744.800.1298252655591.JavaMail.root@benjamin.baylink.com>
In-Reply-To: <AANLkTi=uwMO-nwtru00F+gD8JmibRYx1b9VWThMSHhfv@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [65.34.93.30]
X-Mailer: Zimbra 6.0.9_GA_2686 (ZimbraWebClient - FF3.0 (Linux)/6.0.9_GA_2686)
Subject: Re: [dnsext] zone cut semantics
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Feb 2011 01:43:28 -0000
----- Original Message ----- > From: "Brandon Black" <blblack@gmail.com> > On Sun, Feb 20, 2011 at 2:44 PM, Jim Reid <jim@rfc1035.com> wrote: > > Nope. Query the .com name servers for the NS records for > > example.com. They > > correctly return a non-authoritative answer. It's only the name > > servers for > > example.com that are authoritative for example.com and will > > authoritatively > > answer that query. In other words, it's the child that's responsible > > for the > > zone's authoritative NS RRset, not the parent. Which is how things > > should be > > when you consider what delegation actually means: crossing an > > administrative > > boundary from one authority to another. > > > > Please think again about what you posted. The inference of what you > > say is > > that the root servers are authoritative for everything. That's > > clearly not > > true. > > IMHO, this is where it's semantics. The root servers are > authoritative for everything, that's why we believe their delegation > answers. The AA-bit is just part of how the protocol signals > delegation of authority. Yes, the child is responsible for its own NS > records while the parent delegates, but the parent can take away the > delegation at any time and serve the child's zone data directly. You appear to be suggesting that the AA bit on the glue records in a parent zone *can be set*, merely by changing something in the parent zone file. I don't believe that to be true; TTBOMK, *the name server* makes that choice (to not set AA), *precisely because the parent server is not considered to be authoritative for objects within its children's zones*. I don't think that it's physically possible to make a parent server set the AA bit on that glue, though I'd be happy to be proven wrong. I don't operate many parent zones. :-) So: people-who-do: is my supposition/assertion above correct? If it is, is it reasonable to draw from it the inference that I do (IE, that Jim is correct and Brandon's not)? I'm sure Albitz & Liu would tell me, but I do fancy stuff with DNS insufficiently frequently for me to know where it is... Cheers,. -- jra
- [dnsext] Failure to add glue MUST cause TC to be … Mark Andrews
- Re: [dnsext] Failure to add glue MUST cause TC to… Paul Vixie
- Re: [dnsext] Failure to add glue MUST cause TC to… bmanning
- Re: [dnsext] Failure to add glue MUST cause TC to… Tony Finch
- Re: [dnsext] Failure to add glue MUST cause TC to… George Barwood
- Re: [dnsext] Failure to add glue MUST cause TC to… Brandon Black
- Re: [dnsext] Failure to add glue MUST cause TC to… Mark Andrews
- [dnsext] zone cut semantics Jim Reid
- Re: [dnsext] Failure to add glue MUST cause TC to… George Barwood
- Re: [dnsext] Failure to add glue MUST cause TC to… Mark Andrews
- Re: [dnsext] Failure to add glue MUST cause TC to… Brandon Black
- Re: [dnsext] Failure to add glue MUST cause TC to… George Barwood
- Re: [dnsext] Failure to add glue MUST cause TC to… Mark Andrews
- Re: [dnsext] Failure to add glue MUST cause TC to… Mark Andrews
- Re: [dnsext] Failure to add glue MUST cause TC to… James Mitchell
- Re: [dnsext] Failure to add glue MUST cause TC to… Brandon Black
- Re: [dnsext] Failure to add glue MUST cause TC to… Masataka Ohta
- Re: [dnsext] zone cut semantics Brandon Black
- Re: [dnsext] Failure to add glue MUST cause TC to… Mark Andrews
- Re: [dnsext] zone cut semantics Jay Ashworth
- Re: [dnsext] zone cut semantics Jim Reid
- Re: [dnsext] zone cut semantics Brandon Black
- Re: [dnsext] zone cut semantics Jay Ashworth
- Re: [dnsext] zone cut semantics Joe Abley
- Re: [dnsext] zone cut semantics Olafur Gudmundsson
- Re: [dnsext] Failure to add glue MUST cause TC to… Florian Weimer
- Re: [dnsext] Failure to add glue MUST cause TC to… Tony Finch
- Re: [dnsext] Failure to add glue MUST cause TC to… Tony Finch
- Re: [dnsext] zone cut semantics W.C.A. Wijngaards
- Re: [dnsext] zone cut semantics Michael Graff
- Re: [dnsext] Failure to add glue MUST cause TC to… George Barwood
- Re: [dnsext] Failure to add glue MUST cause TC to… George Barwood
- Re: [dnsext] Failure to add glue MUST cause TC to… Mark Andrews
- Re: [dnsext] Failure to add glue MUST cause TC to… George Barwood
- Re: [dnsext] Failure to add glue MUST cause TC to… Joe Abley