IETF Logo Mail Archive

Re: [DNSOP] draft-mglt-dnsop-search-list-processing-00.txt

Daniel Migault <mglt.ietf@gmail.com> Tue, 15 April 2014 16:45 UTC

Return-Path: <mglt.ietf@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD5981A01CB for <dnsop@ietfa.amsl.com>; Tue, 15 Apr 2014 09:45:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.599
X-Spam-Level:
X-Spam-Status: No, score=-0.599 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U-v5dUDdyJKm for <dnsop@ietfa.amsl.com>; Tue, 15 Apr 2014 09:45:02 -0700 (PDT)
Received: from mail-wi0-x22d.google.com (mail-wi0-x22d.google.com [IPv6:2a00:1450:400c:c05::22d]) by ietfa.amsl.com (Postfix) with ESMTP id A25161A01BE for <dnsop@ietf.org>; Tue, 15 Apr 2014 09:45:01 -0700 (PDT)
Received: by mail-wi0-f173.google.com with SMTP id z2so34745wiv.12 for <dnsop@ietf.org>; Tue, 15 Apr 2014 09:44:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=94tkpExuJEtPoebLjKRqVDia7fAr0l8AYONXCEyJ1as=; b=eFSjV35IpvqgEJX2OU9w9KE1QunAHOXr7PhTYEroiNvz+pb9LdCko3WQeEp9Qago8X gvuT+hRLXmj0a1Rm10hegNHCGqW6+H9G8hanfDxIfPiroDIZHJS9whtwZOFT/t4uhz+e ZwLSBykgcjfl25rKeraHk29WOIjcuL/qFet/TCmcf/o/4FQLVnMQcacP2KRLTuP7AVtD TxyUDdsqeWnrmZRi19eFX+tcaaN39983QlWbABBroxdx/UNkZq4Pf+pH/sOqdsUgtuQ9 L8PAnaK7NWtRW+qXX+QlZIRSc6OQKMG1Fibt6ijbjZZang+cV2xt6PG18P+i5/juoPs/ BdZw==
MIME-Version: 1.0
X-Received: by 10.194.19.161 with SMTP id g1mr2566756wje.20.1397580298357; Tue, 15 Apr 2014 09:44:58 -0700 (PDT)
Received: by 10.194.161.232 with HTTP; Tue, 15 Apr 2014 09:44:58 -0700 (PDT)
In-Reply-To: <20140415022026.1BE5513BE235@rock.dv.isc.org>
References: <CADZyTkn2Wau99zfQR+jjwHVr4Jnq3Eo=Ht+OEScbvKBLc=7e2w@mail.gmail.com> <20140415022026.1BE5513BE235@rock.dv.isc.org>
Date: Tue, 15 Apr 2014 18:44:58 +0200
Message-ID: <CADZyTk==QG6Yf81pX4K+t5RN7USgZ3xGLW7xiuBEs2DvrS7rhg@mail.gmail.com>
From: Daniel Migault <mglt.ietf@gmail.com>
To: Mark Andrews <marka@isc.org>
Content-Type: multipart/alternative; boundary="047d7b5d28583a909f04f717852f"
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/5GY7errUrNZ3FTC3KaxvjAVBjWM
Cc: dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] draft-mglt-dnsop-search-list-processing-00.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Apr 2014 16:45:06 -0000

Thanks for the clarification. I will use these classifications for names
and rewrote the draft with these.

If I understand correctly, your last remark is: Suppose a resolver proceeds
to a resolution using a search list L= label-1, label-2, ...,  label-n. The
resolution goes from label-i to label-j only and only if the returned codes
are SERFVAIL or NOTIMP or NOERROR or NO DATA (I assume NO DATA is
NXDomain).

Is that correct to understand search continuation as going from one label
to another? More specifically, it does not mean to switch from search list
resolution to DNS resolution.

In addition, this also means that a 1) NOERROR does not necessarily end the
resolution. and 2) other RCODEs ends the resolution. Is that correct?

Thanks!
Daniel




On Tue, Apr 15, 2014 at 4:20 AM, Mark Andrews <marka@isc.org> wrote:

>
> In message <CADZyTkn2Wau99zfQR+jjwHVr4Jnq3Eo=Ht+OEScbvKBLc=
> 7e2w@mail.gmail.com>
> , Daniel Migault writes:
> >
> > Hi folks,
> >
> > Please find draft-mglt-dnsop-search-list-processing-00.txt [1]  This
> draft
> > comes in the context of generic TLD with possible naming collision. In
> > order to keep naming resolution stable and reliable, it describes 1) how
> > resolver should generate their search list, 2) how resolver should
> > distinguish a name resolution that needs to be associated with a search
> > list and 3) how a resolver should perform a resolution involving search
> > list.
> >
> > Feel free to comment/review.
> >
> > BR,
> > Daniel
> >
> > [1]
> http://tools.ietf.org/html/draft-mglt-dnsop-search-list-processing-00
> >
> > --
> > Daniel Migault
> > Orange Labs -- Security
> > +33 6 70 72 69 58
> >
>
> Firstly there is unqualified, partially qualified, fully qualified and
> absolutely names in use today.
>
>         unqualified - single label
>         partially qualified  - multi label intended to be fully qualified
>                         by use of searching.
>         fully qualified - multi label not intended to be fully qualified
>                         by the use of searching.
>         absolutely qualified - period at the end (not supported by all
>                         protocol elements)
>
>         ndots is used to distingish which order to treat a multi
>         label input in libresolv/libbind and was added as a response
>         to RFC 1535.
>
>         unqualified - search list then as entered.
>         partially qualified - search list then as entered.
>         fully qualified - as entered then search list.
>         absolutely qualified - as entered.
>
>         Additionall there is search continuation on SERFVAIL, NOTIMP
>         and NOERROR NO DATA responses to consider.
>
> One also needs to look at RFC 1535 which discourages the use of
> automatically constructed search lists.
>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org
>



-- 
Daniel Migault
Orange Labs -- Security
+33 6 70 72 69 58

v2.23.0 | Report a Bug | By Email