IETF Logo Mail Archive

[DNSOP] Closing out issues in draft-ietf-dnsop-resolver-priming

"Paul Hoffman" <paul.hoffman@vpnc.org> Fri, 16 October 2015 00:06 UTC

Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E87B1A8A08 for <dnsop@ietfa.amsl.com>; Thu, 15 Oct 2015 17:06:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.347
X-Spam-Level:
X-Spam-Status: No, score=-1.347 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_MISMATCH_COM=0.553] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hTWm-IU7C-cn for <dnsop@ietfa.amsl.com>; Thu, 15 Oct 2015 17:06:13 -0700 (PDT)
Received: from hoffman.proper.com (Opus1.Proper.COM [207.182.41.91]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 043071A8A07 for <dnsop@ietf.org>; Thu, 15 Oct 2015 17:06:12 -0700 (PDT)
Received: from [10.32.60.153] (50-1-51-139.dsl.dynamic.fusionbroadband.com [50.1.51.139]) (authenticated bits=0) by hoffman.proper.com (8.15.1/8.14.9) with ESMTPSA id t9G06BG7034412 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <dnsop@ietf.org>; Thu, 15 Oct 2015 17:06:12 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
X-Authentication-Warning: hoffman.proper.com: Host 50-1-51-139.dsl.dynamic.fusionbroadband.com [50.1.51.139] claimed to be [10.32.60.153]
From: Paul Hoffman <paul.hoffman@vpnc.org>
To: dnsop WG <dnsop@ietf.org>
Date: Thu, 15 Oct 2015 17:06:11 -0700
Message-ID: <8149BC4D-F11E-4E4F-BBB8-C38D865A4184@vpnc.org>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.2r5141)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/H0s7NgdMgDb_eOMcy3_ZbnNAxkw>
Subject: [DNSOP] Closing out issues in draft-ietf-dnsop-resolver-priming
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Oct 2015 00:06:14 -0000

<secretary hat on>

Greetings. The WG has a draft, draft-ietf-dnsop-resolver-priming, which 
has somewhat fallen off the table, and it is time to bring it back. The 
draft has two identified open issues, and the authors would like the WG 
to clear those up before issuing a new draft, and then hopefully going 
to Working Group Last Call. Because the draft is expired, to review it, 
please see:
   https://tools.ietf.org/html/draft-ietf-dnsop-resolver-priming-05

The two open issues are in Section 4:

4.  Requirements for Root Name Servers and the Root Zone

    The operational requirements for root name servers are described in
    [RFC2870].  This section specifies additional guidance for the
    configuration of and software deployed at the root name servers.

    All DNS root name servers need to be able to provide for all
    addresses of all root name servers.  This can easily achieved by
    keeping all root name server names in a single zone and by making 
all
    root name servers authoritative for that zone.

    If the response packet does not provide for more than 512 octets due
    to lack of EDNS0 support, A RRSets SHOULD be given preference over
    AAAA RRSets when filling the additional section.

    [[Issue 1: EDNS0 is used as an indication of AAAA understanding on
    the side of the client.  What to do with payload sizes indicated by
    EDNS0 that are smaller than 1024, is open to discussion.  At the 
time
    of writing, some root name servers will fill the additional section
    with all available A RRSets, only adding some AAAA RRSets, when
    queried over IPv4 without EDNS0.  Other servers will deliver more
    AAAA RRSets, therefore withholding some A RRSets completely
    [RFC4472].]]

    To ensure equal availability the A and AAAA RRSets for the root name
    servers' names SHOULD have identical TTL values at the authoritative
    source.

    [[Issue 2: Do the TTLs for the root NS RRSet and address RRSets in
    the root and the ROOT-SERVERS.NET. zones need to be aligned?  In 
real
    life responses, the address RRSet's TTL values vary by name server
    implementation.  Is this diversity we can live with?  Should the
    authoritative source prevail?  Is it therefore a protocol issue
    rather than an operational choice of parameters?]]

The question at this point is: what should we do about each issue? 
Specific wording is appreciated.

--Paul Hoffman

v2.23.0 | Report a Bug | By Email