Re: [DNSOP] RFC 1035 vs. mandatory NS at apex?

Bob Harold <> Thu, 07 February 2019 15:48 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 717B71279E6 for <>; Thu, 7 Feb 2019 07:48:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.099
X-Spam-Status: No, score=-0.099 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id VNK72Lgi2u1O for <>; Thu, 7 Feb 2019 07:48:32 -0800 (PST)
Received: from ( [IPv6:2a00:1450:4864:20::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 56DF9126D00 for <>; Thu, 7 Feb 2019 07:48:32 -0800 (PST)
Received: by with SMTP id z25-v6so259147ljk.7 for <>; Thu, 07 Feb 2019 07:48:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google-2016-06-03; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=95fHgSpJE2a/3pwyKvGNb1L0YoT7mXAkeuotnBAIh8s=; b=YhEEJdLyxasmK8ApodQrdtTl6JCvmOf61rssxIKA7ZR48p8BClgbbhtUMsqUzD65me IlHuppSRQABoDweLgaYgfMaPXpmMisReQ8iKECjx6yqDvFjV81HsL/CBSOugDDJzTHCu tpsCV8gvZ6ooZeyCIIlTg/j1ldetdCZYYshlFEE9q7BM1zmryy7I14Lxc46ytLInMN2J /l63b2nKyncSHLZX3ie+IEscHCoQ4n00O2oootFnr12UzaBsHPuJBVcVYGBNH/N2NcQn 77PRqtJn/esIC0JP+e16mGpDKvVx1vcA+4HGnc3DfJwfniZXk1GAwkdXCIrEkBYvFcLK +yww==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=95fHgSpJE2a/3pwyKvGNb1L0YoT7mXAkeuotnBAIh8s=; b=ixo66gF7zjoCbjBBaswScX+BiRVHmfnLHKhf8L2U/L7NEYr6lKRQlENjyPhS3jlEsn CIYEerwW1rsuo0Vl6hFYAv2g5S1SuDJoWYxoVI0G12G4WPP8aYBHIvlMI9nd+BSf/Dzu lGsS7D+wwZd91tW+3Pn76grLe67Mtiz4hnGbbO5kk7lLGAjxESmDlI/bq470IUs3UeLW VclxMAMOVqRswNupebGz+9VvBnK7ja6aZrmFTV2uwjApxsE1ZsF1wiItFvKNmcOAPLx2 F+d8fDVSfsE3vLgTQg+JjE0rwAA4hzsXOPcIQALcJ0z9O7BIU6GoAs8yHNG2D75d/Ry3 5J9g==
X-Gm-Message-State: AHQUAub4py3RSocLPWBDYhq/KLzrlqiJMukwJeJh4TW+AZ7PO/kVgVVf td9lqihu+J21qDuIHLpi8q0YZzv0aSaRyN67YdokeU9V
X-Google-Smtp-Source: AHgI3IbarXtu3QmNOCIxQMlUl4AQof41vkVG6+bd8d2N8Mhr9+0fEbdWYK1bEjuauddg/VDb5WeG5g2l1k44jKwYCCI=
X-Received: by 2002:a2e:84ca:: with SMTP id q10-v6mr10403618ljh.65.1549554510442; Thu, 07 Feb 2019 07:48:30 -0800 (PST)
MIME-Version: 1.0
References: <> <> <> <>
In-Reply-To: <>
From: Bob Harold <>
Date: Thu, 07 Feb 2019 10:48:19 -0500
Message-ID: <>
To: Ted Lemon <>
Cc: Petr Špaček <>, Tony Finch <>, IETF DNSOP WG <>, Kevin Darcy <>
Content-Type: multipart/alternative; boundary="00000000000027bbac05814fc63c"
Archived-At: <>
Subject: Re: [DNSOP] RFC 1035 vs. mandatory NS at apex?
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 07 Feb 2019 15:48:34 -0000

On Thu, Feb 7, 2019 at 10:35 AM Ted Lemon <> wrote:

> On Feb 7, 2019, at 10:06 AM, Petr Špaček <> wrote:
> We (as developers in our office) all have had gut feeling that NS is
> mandatory but we could not find it in the RFCs.
> I hate to say it, but we should really make sure that this is actually
> stated somewhere where it can reasonably be found.   If it is not, we
> should state it.   Petr was completely sensible to think it was the case
> but not be sure.   Saying that it is the case, and why it is the case,
> would be helpful.   This is something that I hadn’t really thought through
> before Petr asked the question, but I’d been wondering about it too because
> the question comes up in the DNSSD Discovery Proxy code I’m working on (I
> assumed the answer was yes).

If we write it down, perhaps we should also mention that other things that
answer DNS queries, like load balancers, should also return proper SOA and
NS records, not just A and AAAA records,  for the same reasons.

Bob Harold