Re: [DNSOP] draft-fujiwara-dnsop-nsec-aggressiveuse-01.txt

P Vixie <paul@redbarn.org> Sat, 24 October 2015 22:54 UTC

From: P Vixie <paul@redbarn.org>
Date: Sat, 24 Oct 2015 22:54:15 +0000
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>, 神明達哉 <jinmei@wide.ad.jp>
Message-ID: <5753B8EC-60EC-44F3-872E-94766558EE50@redbarn.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/AD3UAnGiP2GUu4e3RTZEMGcXeUI>
Cc: dnsop <dnsop@ietf.org>

To me this is a feature, possibly the most important feature.

On October 25, 2015 6:16:54 AM GMT+11:00, Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote:
>[Re-reading all emails...]
>
>On Fri, Jul 10, 2015 at 11:53:30AM -0700,
> 神明達哉 <jinmei@wide.ad.jp> wrote 
> a message of 62 lines which said:
>
>> Regarding Section 5 (possible side effect on root servers), I wonder
>> about the implication of qname-minimization (which I expect will be
>> deployed much sooner than this proposal).  A resolver that supports
>> qname-minimization would first send a query to "local." to the root
>> server upon receiving a "foo.local" query, and cache the result of
>> NXDOMAIN for "local.".  It will suppress subsequent external queries
>> for any subdomain of it.
>
>Yes. Qname minimization relies on the fact that resolvers follow the
>tree structure of the DNS. If "toto." does not exist, it means
>"foobar.toto." certainly does not exist and there is no point querying
>any authoritative server about it, a resolver can send back NXDOMAIN
>immediately.
>
>In ietf-dnsop-qname-minimisation-07, it is discussed in section 3.
>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
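
The behaviour discussed in this thread, as an added example that is not part of the original messages: a toy resolver that queries one label at a time (qname minimisation) and treats a cached NXDOMAIN for a name as covering everything below it. The namespace `EXISTING`, the class `MinimisingResolver` and the negative TTL value are assumptions made for illustration.

```python
# Constructed toy namespace standing in for the authoritative servers (not real DNS data).
EXISTING = {"org.", "ietf.org.", "www.ietf.org."}


def ancestors(qname):
    """Yield names from the TLD down to qname: 'a.b.' -> 'b.', 'a.b.'"""
    labels = qname.rstrip(".").split(".")
    for i in range(len(labels) - 1, -1, -1):
        yield ".".join(labels[i:]) + "."


class MinimisingResolver:
    def __init__(self, neg_ttl=900):
        self.neg_ttl = neg_ttl   # assumed negative-caching TTL in seconds
        self.neg_cache = {}      # name -> expiry time of a cached NXDOMAIN
        self.pos_cache = set()   # names known to exist (positive TTLs ignored here)
        self.upstream = []       # every name actually sent to an authoritative server

    def _ask_authoritative(self, name):
        self.upstream.append(name)
        return name in EXISTING

    def resolve(self, qname, now):
        qname = qname.lower()
        if not qname.endswith("."):
            qname += "."
        for name in ancestors(qname):
            expiry = self.neg_cache.get(name)
            if expiry is not None and now < expiry:
                # An ancestor is known not to exist, so nothing below it exists:
                # answer from cache without sending any external query.
                return "NXDOMAIN"
            if name in self.pos_cache:
                continue
            if self._ask_authoritative(name):
                self.pos_cache.add(name)
            else:
                self.neg_cache[name] = now + self.neg_ttl
                return "NXDOMAIN"
        return "NOERROR"
```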