IETF Logo Mail Archive

Re: [DNSOP] [Ext] Meaning of lame delegation

Peter Thomassen <peter@desec.io> Sat, 15 April 2023 17:13 UTC

Return-Path: <peter@desec.io>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5344C15152B; Sat, 15 Apr 2023 10:13:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=a4a.de
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NvOqRArxhTsY; Sat, 15 Apr 2023 10:13:27 -0700 (PDT)
Received: from mail.a4a.de (mail.a4a.de [IPv6:2a01:4f8:10a:1d5c:8000::8]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2D810C1516E3; Sat, 15 Apr 2023 10:13:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=a4a.de; s=20170825; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:From: References:Cc:To:Subject:MIME-Version:Date:Message-ID:Sender:Reply-To: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=pfFKxvn5UxJBIonHp8OOiUTB1A6NJYV0zVSGy9HWBOE=; b=Ur2BihQn9DF1rHHSPmD49ihs6S 3Z9BOrmyB5uCXwTPhCBbo8P7+SpLzt2Vem5EEozkj8VJ3rdtWEuIQ4H0sn2SQ+ONXqbdF/GL8nTls sk/+PYQjjSRjYbJ5Lpy7AILhdVszynfYNnSX4nlCp38MYaHDUR+j2l0BedDJv9qrJaT2OgGnWXMIH j0lK76tzOyTPDCWziBbZiZ71ffk/vTEGz9n62vmAK2O4XrpFfv+zlNAGglLr3617CC2R3f8odOh4A jQQVt9AepVVfZRktwotD+CE1S7wjIJhHbQ1VtqKejeqMkNxkaLjVsoK2K1N4JGDFTX/9sn9Fxa+nW 8PZfSnDA==;
Received: from [2a00:20:c00f:beb2:e79d:10ff:44b4:6b8] by mail.a4a.de with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from <peter@desec.io>) id 1pnjSi-0006NV-Mk; Sat, 15 Apr 2023 19:13:20 +0200
Message-ID: <28206417-171b-ac1e-55fc-0c8dcee745cd@desec.io>
Date: Sat, 15 Apr 2023 12:13:15 -0500
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.9.0
Content-Language: en-US
To: "Wessels, Duane" <dwessels=40verisign.com@dmarc.ietf.org>, Paul Vixie <paul=40redbarn.org@dmarc.ietf.org>
Cc: Paul Hoffman <paul.hoffman@icann.org>, "dnsop@ietf.org" <dnsop@ietf.org>
References: <1E956A0C-8FA4-4693-B4E8-AF22C4B5818A@verisign.com> <1B17EFB1-E801-4F9D-B0AC-87EC584001C5@icann.org> <06867e1c-869d-4471-907c-c3c11bee6d8e@redbarn.org> <6567E9FB-D89C-4CE5-BB8D-8818F198F134@verisign.com>
From: Peter Thomassen <peter@desec.io>
In-Reply-To: <6567E9FB-D89C-4CE5-BB8D-8818F198F134@verisign.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/9Cigt2cxCWo290yflK7RZjEwHoI>
Subject: Re: [DNSOP] [Ext] Meaning of lame delegation
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Apr 2023 17:13:32 -0000


On 4/10/23 15:39, Wessels, Duane wrote:
> “A lame delegation is said to exist when one or more authoritative servers designated by the delegating NS rrset or by the apex NS rrset answers non-authoritatively for a zone”.

... or by the *child's* apex NS rrset ...

(The delegating zone also has an apex NS rrset. We know that that's not meant, but somebody looking up the terminology because they are not so familiar might need that extra clarity.)

Best,
Peter

-- 
https://desec.io/

v2.35.0 | Report a Bug | By Email | System Status