Re: [DNSOP] [Ext] Lameness terminology

Matthew Pounsett <matt@conundrum.com> Fri, 04 May 2018 13:12 UTC

To: Shane Kerr <shane@time-travellers.org>
Cc: Amreesh Phokeer <amreesh.phokeer@gmail.com>, "dnsop@ietf.org" <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/9E2cvJ1xfBbrhMSQpBVM1Dcf-Ug>

On 4 May 2018 at 05:59, Shane Kerr <shane@time-travellers.org> wrote:

>
>
> Within a given NS RRset for a zone, we have a few failure modes:
>
> A. One or more NS do not resolve
> B. NS RR points to a CNAME (technically disallowed, right?)
> C. NS RR does not point to any A or AAAA that resolve
> D. An A or AAAA RR is for one or more addresses that are not
>    authoritative
>
> Case C might not strictly be lame, if for example it points to a .ONION
> address or similar.
>
> Case D might be usefully split into addresses that reply and those that
> time out.
>

That seems complete to me.


> I think that there may be something useful in creating a term when a
> delegation only points to lame servers, thus cannot be resolved at all.
> Perhaps "broken delegation"? 😉
>

The way this has always worked in my head is that a zone can be delegated
to one or more lame servers.  If the zone is delegated entirely to lame
servers, then the delegation is lame.

But I take your point that perhaps that is too much overloading of the term
'lame'.




>
>
> There are also a few related issues coming from mismatches at parent &
> child.
>
> 1. "Lame hint" might describe an NS that is above the zone cut, and
>    points to one or more lame servers
>

The NS set above the zone cut comprises the delegation, doesn't it?  That's
not just a hint.


> 2. "Authoritatively lame" might describe an NS that is below the zone
>    cut
> 3. "Totally lame, man" might describe a lame NS that is in both
>
> We can also have:
>
> 4. "Confusingly lame" which might describe when there is a mismatch
>    between NS answers of authoritative servers, some of which point to
>    lame servers 😆
>

Now I don't feel so bad about using 'lame server' and 'lame delegation' to
mean not-entirely-overlapping things. :)


>
>
> I hesitate to suggest it, but is there value in a draft around lameness?
>

There's value in describing common misconfigurations and how to
detect/name/avoid them.  Does it need to just be a draft about lameness?
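
The failure modes A to D listed in the thread, and the working definition that a delegation is lame when every server it points to is lame, can be checked mechanically. The following is an added example, not part of the original message: the zone `example.test.`, the record snapshot, and the probe outcomes (`aa`, `no-aa`, `timeout`) are constructed stand-ins for real lookups and SOA queries.

```python
# Constructed snapshot for the made-up zone "example.test.". In practice these
# values come from resolving each NS name and sending a SOA query for the zone
# to every address, recording whether the reply had the AA bit set.
NS_RRSET = ["ns1.example.test.", "ns2.example.test.", "ns3.example.test.",
            "ns4.example.test.", "ns5.example.test."]
RECORDS = {
    "ns1.example.test.": {"A": ["192.0.2.1"], "AAAA": ["2001:db8::1"]},
    "ns2.example.test.": {"CNAME": "ns.elsewhere.test."},
    "ns3.example.test.": {"TXT": ["no address records"]},  # exists, no A/AAAA
    "ns4.example.test.": {"A": ["192.0.2.4", "192.0.2.5"]},
    # ns5.example.test. is absent: the name does not resolve at all.
}
PROBES = {"192.0.2.1": "aa", "2001:db8::1": "aa",
          "192.0.2.4": "no-aa", "192.0.2.5": "timeout"}


def classify_ns(ns, records, probes):
    """Return the failure labels for one NS target, or ["ok"]."""
    rr = records.get(ns)
    if rr is None:
        return ["A"]            # case A: NS name does not resolve
    if "CNAME" in rr:
        return ["B"]            # case B: NS target is a CNAME
    addrs = rr.get("A", []) + rr.get("AAAA", [])
    if not addrs:
        return ["C"]            # case C: no A or AAAA (may be a non-IP target)
    labels = set()
    for addr in addrs:
        outcome = probes.get(addr, "timeout")  # unprobed counts as a timeout
        if outcome == "aa":
            continue
        # case D, split as suggested in the thread: replies vs. timeouts
        labels.add("D-reply" if outcome == "no-aa" else "D-timeout")
    return sorted(labels) or ["ok"]


def audit_delegation(ns_rrset, records, probes):
    """Classify every NS; the delegation is lame only if all servers are."""
    per_ns = {ns: classify_ns(ns, records, probes) for ns in ns_rrset}
    lame = [ns for ns, labels in per_ns.items() if labels != ["ok"]]
    return {"per_ns": per_ns, "lame_servers": lame,
            "delegation_lame": bool(ns_rrset) and len(lame) == len(ns_rrset)}


if __name__ == "__main__":
    for ns, labels in audit_delegation(NS_RRSET, RECORDS, PROBES)["per_ns"].items():
        print(ns, ",".join(labels))
```
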