Re: [DNSOP] [Ext] Starting a -bis document for RFC 8109: Initializing a DNS Resolver with Priming Queries

Andrew McConachie <> Fri, 07 August 2020 14:20 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id A861F3A0C3A for <>; Fri, 7 Aug 2020 07:20:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 89Rm25phvVcF for <>; Fri, 7 Aug 2020 07:20:41 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::12c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 563773A08B0 for <>; Fri, 7 Aug 2020 07:20:41 -0700 (PDT)
Received: by with SMTP id z3so1914701ilh.3 for <>; Fri, 07 Aug 2020 07:20:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=DPoEL1U5oPT95hz8KZRIwQOXqBG4OmR+7633vcBGQkc=; b=1pQV31nzc4c+kn+d1HpHvszp9tQ9/zev7p4/8g+XGfbcxXh+N09Z15v+2N41WHzGvR 9YHALA2b8MFCd98hRsYwLkozbGPXEG1ADIgLFOMmWegpngTDttmQ+QKA6bXAQiFPPt+A 7ipCoLKiC9ifImoqISUN1r//ZnVMmn1h7dJgoeEcEqGHhptKntLX8KM0LwMsRJ56mIVI 9GggDfPdgyrvkLT7Bzywp1VQmVRqZUtM2KWYybR+WQY3ce9CdOtZwkyM/xF/XHXkquO8 Vacsqx8KDB2hXvH25S51blCj7ryQkHicEkKWGKhRwFwdM9j0MEhza5F5TlZ5wvLB0tyd R5zg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=DPoEL1U5oPT95hz8KZRIwQOXqBG4OmR+7633vcBGQkc=; b=tUmv7H6/sg1+afdcbTWPBWGRpA48nRdZ0yhkHougTe6wpvYSUQi4C/yDPzvx9nZMxg 2/r1hzbwSGR8bT4aPq4G7ItF4cvjiK0klJfNMm+utrU0W6wM1V6tiFU8BJOR3tK5EWjJ 0GpeERHyKLnPfVDcQ+PW0AENUg/VmbkX2Y6gOfDh/djlb8RFssK30JMz/p8oYF3jgneI MMlm+lebLd+VCN2+Ix/KjgViTw58bK3pZixZhXsasygxeCumoC6OxoXGpX9tcPilkTK0 A+y3PIz/3LK/AyEoLyC0jfRy9UMNyhjBM7CMRvtabzylw3ha6g0F7RT55rV3QsR/Bm97 +Z/A==
X-Gm-Message-State: AOAM5314KKGG4fddqHFC7r0S3rvmyiVOva85egUrhd1Jtt/vkyDU/xdT Wts/QVhdXKq3a0ncyAjnyT9N3w==
X-Google-Smtp-Source: ABdhPJzVNAHfL4OeqxCh3aQ+QT5oWqNkb+p2PhPc4oFir98Twjiw45yB38fyo/j52aTVne2om7aJxg==
X-Received: by 2002:a92:85c8:: with SMTP id f191mr4859821ilh.242.1596810040423; Fri, 07 Aug 2020 07:20:40 -0700 (PDT)
Received: from [] ([2a02:a212:9285:29f0:4fa:a8bc:496d:ce98]) by with ESMTPSA id p20sm5958065iod.27.2020. (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 07 Aug 2020 07:20:39 -0700 (PDT)
From: "Andrew McConachie" <>
To: "Paul Hoffman" <>
Cc: "dnsop WG" <>
Date: Fri, 07 Aug 2020 16:20:37 +0200
X-Mailer: MailMate (1.13.1r5671)
Message-ID: <>
In-Reply-To: <>
References: <> <> <>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"; format=flowed
Content-Transfer-Encoding: 8bit
Archived-At: <>
Subject: Re: [DNSOP] [Ext] Starting a -bis document for RFC 8109: Initializing a DNS Resolver with Priming Queries
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 07 Aug 2020 14:20:43 -0000

On 6 Aug 2020, at 16:41, Paul Hoffman wrote:

> On Aug 6, 2020, at 4:08 AM, Andrew McConachie <> 
> wrote:
>> What does it mean for a resolver to be primed, or for a resolver to 
>> not be primed? For example, is a resolver considered primed only if 
>> it has all root server names and IP addresses? 50%? At least 1?
> Excellent questions, two that the WG can certainly consider. Note that 
> it *is* two questions, the root server names and the associated 
> addresses.
> From the text you quote:
>>   Priming is the act of finding the list of root servers from a
>>   configuration that lists some or all of the purported IP addresses 
>> of
>>   some or all of those root servers.  A recursive resolver starts 
>> with
>>   no information about the root servers, and ends up with a list of
>>   their names and their addresses.
> RFC 8109 indicates that priming means knowing the full set of names 
> and the full set of addresses.
It would be good if this document said that without having to refer back 
to RFC 8109.

>> If that were true it would be impossible for the resolver to find 
>> anything. It definitely starts with some information about the root 
>> servers. Maybe change "no information" to "this information".
> This distinction is important. A resolver starts with no actual 
> information, but only meta-information: where to get the actual names 
> and addresses for the root server. Is there a better way to say this 
> in the -bis document?
Meta-information is information, just like meta-data is data. The 
distinction only depends on context.

How about this for the last sentence, “A recursive resolver starts 
with no cached information about the root servers, and finishes with a 
full list of their names and their addresses in its cache.”