Re: [DNSOP] RFC 1035 vs. mandatory NS at apex?

S Moonesamy <> Fri, 08 February 2019 17:07 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id F121112867A for <>; Fri, 8 Feb 2019 09:07:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.7
X-Spam-Status: No, score=-1.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.b=p3BwyGYl; dkim=fail (1024-bit key) reason="fail (message has been altered)" header.b=XG/KbmnN
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 9yztpPzcleXN for <>; Fri, 8 Feb 2019 09:07:09 -0800 (PST)
Received: from ( [IPv6:2001:470:f329:1::1]) by (Postfix) with ESMTP id 8D9271200ED for <>; Fri, 8 Feb 2019 09:07:09 -0800 (PST)
Received: from ( [IPv6:2001:470:1f08:1315::2]) (authenticated bits=0) by (8.14.5/8.14.5) with ESMTP id x18H6tO3008257 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 8 Feb 2019 09:07:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;; s=mail2010; t=1549645628; x=1549732028; bh=h9cggrwexmvI/EU4FqUEdYTbY41puFqDcTM8htJzkMI=; h=Date:To:From:Subject:In-Reply-To:References; b=p3BwyGYly6xl1GN8GIOnbhgLzH3G6YIxTJ3QQsBGCEy7hdZOHUaMSWACwZjHldc0K +KgtNbYnEc8PvuORFMLjhkMyiNKAxU3UHxY1iF3MOrFTBRC0aUDz/y5XIxH6hLxman 6JEw4nlLNlJzli3GEmRDd4LQtLsablpIV70Hnox4=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;; s=mail; t=1549645628; x=1549732028;; bh=h9cggrwexmvI/EU4FqUEdYTbY41puFqDcTM8htJzkMI=; h=Date:To:From:Subject:In-Reply-To:References; b=XG/KbmnNVr3O5G3CPjDdWyDAlSOP7L6xBZKgJCawpDRkvbCQ/zepUJqm5MN/tdH8h CqfNzcspoCdREhTy3bYapkggJTysAv4F+slK5w+mVJ7b8yZKfYfL7EEnRrbIS2v7nf OTPnjFQ9iIHApqSJZyBq8L1tUMdFo0ln/7pDCbQQ=
Message-Id: <>
X-Mailer: QUALCOMM Windows Eudora Version
Date: Fri, 08 Feb 2019 09:06:20 -0800
To: =?iso-8859-1?Q?=22Petr_=8Apacek=22?= <>,
From: S Moonesamy <>
In-Reply-To: <>
References: <>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"; format=flowed
Content-Transfer-Encoding: quoted-printable
Archived-At: <>
Subject: Re: [DNSOP] RFC 1035 vs. mandatory NS at apex?
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 08 Feb 2019 17:07:11 -0000

Hi Peter,
At 04:16 AM 07-02-2019, Petr Špacek wrote:
>here is a quiz for experienced RFC archeologists:
>section 5.2. Use of master files to define zones
>does not mention NS at apex at all, but it does explicitly mention SOA
>at apex. Can it be interpreted as if NS at apex is not mandatory?
>Funnily enough
>has an example which as NS at apex, but it is not clear from the text above.
>Is it mandatory or not? Should I submit erratum for RFC 1035?

RFC 1035 assumes that the reader is familiar with 
RFC 1034.  Section 5.2 of RFC 1035 discusses 
about validity checks to be performed on the 
master files used to define zones.  I would read 
Section 4.2 of RFC 1034 to understand the 
technical considerations, e.g. is a NS needed or 
not.  The examples in RFC 1035 are "primarily 
pedagogical".  I suggest taking into 
consideration that RFC 1035 is part of STD 13 for errata processing.

S. Moonesamy