Re: [DNSOP] I-D Action: draft-ietf-dnsop-extended-error-04.txt

"Michael J. Sheldon" <msheldon@godaddy.com> Thu, 14 February 2019 20:12 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/5EBYStu6S8mpqOAOqfFrQq9zchM>

On 2/14/19 12:51 PM, Stephane Bortzmeyer wrote:
> On Mon, Jan 07, 2019 at 12:30:10PM -0800,
>  internet-drafts@ietf.org <internet-drafts@ietf.org> wrote 
>  a message of 44 lines which said:
> 
>>         Title           : Extended DNS Errors
>>         Authors         : Warren Kumari
>>                           Evan Hunt
>>                           Roy Arends
>>                           Wes Hardaker
>>                           David C Lawrence
>> 	Filename        : draft-ietf-dnsop-extended-error-04.txt
> 

>> 4.2.5.  SERVFAIL Extended DNS Error Code 5 - DNSKEY missing
>>
>>   A DS record existed at a parent, but no DNSKEY record could be found
>>   for the child.
> 
> I suggest to replace "no DNSKEY record could be found for the child"
> by "no DNSKEY record for this specific key could be found for the
> child".
> 
> Rationale : the current text seems to imply this code is only when
> there is no DNSKEY at all.

I disagree. There are going to be cases where DS and DNSKEY are not
fully in sync due to key rollovers, prestaging, etc. This is not a fatal
error.
So long as one DS matches one (supported) DNSKEY, the domain is
resolvable, and is not a SERVFAIL. It is only SERVFAIL if *no* DS match
useable keys.

I would suggest "No supported matching DNSKEY record could be found for
the child"

-- 
Michael Sheldon
Dev-DNS Services
GoDaddy.com
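
The matching rule discussed in this message, as an added example that is not part of the original message or of the draft: a delegation is usable as long as one supported DS matches one DNSKEY, so a prestaged DS during a rollover is not an error. The supported-algorithm set, the function names and the sample keys are assumptions, and the separate "insecure" outcome for a DS set with no supported algorithm follows RFC 4035 section 5.2 and goes beyond what the message states.

```python
import hashlib
import struct

# Assumed validator capabilities (illustrative, not from the draft or the thread).
SUPPORTED_ALGS = {8, 13}            # RSASHA256, ECDSAP256SHA256
DIGESTS = {1: hashlib.sha1, 2: hashlib.sha256, 4: hashlib.sha384}

def name_to_wire(name):
    """Canonical (lowercased) wire form of an owner name."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def dnskey_rdata(flags, alg, pubkey):
    """DNSKEY RDATA: flags, protocol (always 3), algorithm, public key."""
    return struct.pack("!HBB", flags, 3, alg) + pubkey

def key_tag(rdata):
    """Key tag per RFC 4034 Appendix B (all algorithms except 1)."""
    acc = sum(b if i & 1 else b << 8 for i, b in enumerate(rdata))
    return (acc + ((acc >> 16) & 0xFFFF)) & 0xFFFF

def make_ds(owner, rdata, digest_type):
    """DS tuple (key tag, algorithm, digest type, digest), RFC 4034 section 5.1.4."""
    digest = DIGESTS[digest_type](name_to_wire(owner) + rdata).digest()
    return (key_tag(rdata), rdata[3], digest_type, digest)

def classify(owner, ds_set, dnskeys):
    """'secure' if any usable DS matches a DNSKEY, 'insecure' if no DS is usable
    by this validator (RFC 4035 section 5.2), otherwise 'bogus' (SERVFAIL)."""
    usable = [d for d in ds_set if d[1] in SUPPORTED_ALGS and d[2] in DIGESTS]
    if not usable:
        return "insecure"
    for ds in usable:
        for rdata in dnskeys:
            zone_key = struct.unpack("!H", rdata[:2])[0] & 0x0100
            if zone_key and make_ds(owner, rdata, ds[2]) == ds:
                return "secure"  # a real validator now checks the DNSKEY RRSIG
    return "bogus"

# Constructed sample data: two fake 64-byte public keys for example.com.
OLD_KEY = dnskey_rdata(257, 13, bytes(range(64)))
NEW_KEY = dnskey_rdata(257, 13, bytes(range(64, 128)))
DS_OLD = make_ds("example.com.", OLD_KEY, 2)
DS_NEW = make_ds("example.com.", NEW_KEY, 2)   # prestaged at the parent

if __name__ == "__main__":
    print(classify("example.com.", [DS_OLD, DS_NEW], [OLD_KEY]))  # mid-rollover
    print(classify("example.com.", [DS_NEW], [OLD_KEY]))          # out of sync
```

Only the "bogus" outcome corresponds to the SERVFAIL case the extended error code would annotate; signature verification of the DNSKEY RRset is outside this sketch.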