Re: [dnsext] WGLC ENDS0-bis
Florian Weimer <fw@deneb.enyo.de> Wed, 25 May 2011 17:49 UTC
Return-Path: <fw@deneb.enyo.de>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 50832E06A1 for <dnsext@ietfa.amsl.com>; Wed, 25 May 2011 10:49:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.249
X-Spam-Level:
X-Spam-Status: No, score=-2.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_DE=0.35]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZDyshdkKGBHl for <dnsext@ietfa.amsl.com>; Wed, 25 May 2011 10:49:50 -0700 (PDT)
Received: from ka.mail.enyo.de (ka.mail.enyo.de [87.106.162.201]) by ietfa.amsl.com (Postfix) with ESMTP id BD240E070A for <dnsext@ietf.org>; Wed, 25 May 2011 10:49:50 -0700 (PDT)
Received: from [172.17.135.4] (helo=deneb.enyo.de) by ka.mail.enyo.de with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) id 1QPIDL-00044f-Qc; Wed, 25 May 2011 19:49:47 +0200
Received: from fw by deneb.enyo.de with local (Exim 4.72) (envelope-from <fw@deneb.enyo.de>) id 1QPIDL-0007ei-Id; Wed, 25 May 2011 19:49:47 +0200
From: Florian Weimer <fw@deneb.enyo.de>
To: Edward Lewis <Ed.Lewis@neustar.biz>
References: <4DC94AE6.5000903@ogud.com> <878vtxku9a.fsf@mid.deneb.enyo.de> <a06240800ca007c696518@[10.31.200.118]>
Date: Wed, 25 May 2011 19:49:47 +0200
In-Reply-To: <a06240800ca007c696518@[10.31.200.118]> (Edward Lewis's message of "Mon\, 23 May 2011 17\:08\:19 -0400")
Message-ID: <87r57mwtz8.fsf@mid.deneb.enyo.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: dnsext@ietf.org
Subject: Re: [dnsext] WGLC ENDS0-bis
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 May 2011 17:49:51 -0000
* Edward Lewis: >>I would like to see guidance to implementors how they can actually >>detect EDNS0 support or the lack thereof. Alternatively, a minimum >>level of support could be made mandatory, eventually making the >>existing detection logic obsolete. > > As far as declaring "a minimum level of support": an RFC cannot say > "you must implement me, even if you were implemented last year." That > just doesn't work. A vendor which errors out or drops EDNS0-enabled queries would no longer be able to claim to implement the current version of the DNS protocol. It worked for HTTP/0.9 and SSLv2. It did not work for extended label types or RIPv1. > For backwards compatibility, we are stuck with probing for > functionality. This is a weakness of the DNS architecture. It's not an architectural problem, I think. You could implement pretty reliable signaling, but EDNS0 doesn't do it. (Basically, you need two bits, the query contains 01, and the response 10, so that you can detect stripping and dumb reflection.) Anyway, what I'm asking for is documentation for the probing algorithm. Are there existing implementations which use the presence of DNSSEC data as an indicator for EDNS0 support, as suggested in the draft?
- [dnsext] WGLC ENDS0-bis Olafur Gudmundsson
- Re: [dnsext] WGLC ENDS0-bis Brian Dickson
- Re: [dnsext] WGLC ENDS0-bis Chris Thompson
- Re: [dnsext] WGLC ENDS0-bis Tony Finch
- Re: [dnsext] WGLC ENDS0-bis Edward Lewis
- Re: [dnsext] WGLC ENDS0-bis Joe Abley
- Re: [dnsext] WGLC ENDS0-bis Alex Bligh
- Re: [dnsext] WGLC ENDS0-bis João Damas
- Re: [dnsext] WGLC ENDS0-bis Ray Bellis
- Re: [dnsext] WGLC ENDS0-bis Edward Lewis
- Re: [dnsext] WGLC ENDS0-bis Florian Weimer
- Re: [dnsext] WGLC ENDS0-bis Edward Lewis
- Re: [dnsext] WGLC ENDS0-bis Joao Damas
- Re: [dnsext] WGLC ENDS0-bis Florian Weimer