Re: [DNSOP] Mandated order of CNAME records in a CNAME chain?

Florian Weimer <fw@deneb.enyo.de> Sun, 02 October 2016 07:55 UTC

Return-Path: <fw@deneb.enyo.de>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0281B12B063 for <dnsop@ietfa.amsl.com>; Sun, 2 Oct 2016 00:55:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.896
X-Spam-Level:
X-Spam-Status: No, score=-4.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-2.996] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UxPHTry6L711 for <dnsop@ietfa.amsl.com>; Sun, 2 Oct 2016 00:55:29 -0700 (PDT)
Received: from albireo.enyo.de (albireo.enyo.de [5.158.152.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 43E2B12B028 for <dnsop@ietf.org>; Sun, 2 Oct 2016 00:55:28 -0700 (PDT)
Received: from [172.17.203.2] (helo=deneb.enyo.de) by albireo.enyo.de with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) id 1bqbcM-0008RL-4s; Sun, 02 Oct 2016 09:55:26 +0200
Received: from fw by deneb.enyo.de with local (Exim 4.84_2) (envelope-from <fw@deneb.enyo.de>) id 1bqbcM-00032O-1S; Sun, 02 Oct 2016 09:55:26 +0200
From: Florian Weimer <fw@deneb.enyo.de>
To: Robert Edmonds <edmonds@mycre.ws>
References: <20160929123532.GD22645@laperouse.bortzmeyer.org> <20160929130333.qsrjntfgmrobj7i2@mycre.ws>
Date: Sun, 02 Oct 2016 09:55:26 +0200
In-Reply-To: <20160929130333.qsrjntfgmrobj7i2@mycre.ws> (Robert Edmonds's message of "Thu, 29 Sep 2016 09:03:33 -0400")
Message-ID: <87bmz3p4lt.fsf@mid.deneb.enyo.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/JDAnG0agoXAzpFIgI1TG5mK63eo>
Cc: dnsop@ietf.org
Subject: Re: [DNSOP] Mandated order of CNAME records in a CNAME chain?
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Oct 2016 07:55:31 -0000

* Robert Edmonds:

> I think there was already a thread on this topic recently on this list
> ("Order of CNAME and A in Authoritative Reply" from August 2015). There
> was some discussion over "adding" versus "appending" and it was pointed
> out that a lot of existing code (e.g., the BSD stub resolver) was
> written using the "add at the end" meaning.

Are there stub resolvers which actually chase the CNAME chain?

I assume it is quite common just to check the QNAME, and then extract
A/AAAA records from the answer section without matching their owner
names (but potentially recording their owner name as the “canonical
name” of the host, even though that's rarely useful these days).