Re: [DNSOP] question regarding draft-ietf-dnsop-aname: aname section & truncation

Matthijs Mekking <matthijs@pletterpet.nl> Mon, 03 June 2019 09:05 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/JlBk9uUC5MR9OM1scKNo3xBIxnw>

Hi Klaus,

On 5/31/19 1:13 PM, Klaus Malorny wrote:
> 
> Hi all,
> 
> thanks for answering my recent questions so far, but I have to bother
> you with another (maybe stupid?) issue.
> 
> I saw that for regular address queries, you moved the ANAME record from
> the "answer" section to the "additional" section in the -02 draft. I
> tried to figure out why, but did not find an answer in the document
> itself or in the github issues.
> 
> This might be a problem, at least theoretically. RFC 2181, section 9,
> says that records may be removed from the additional section without
> setting the TC bit if the message would get too large otherwise. So the
> ANAME record could get lost in some circumstances. I have not checked
> whether this could occur in real, with very long query names, a lot of
> address records, authority records and maybe with signatures (which
> would allow larger responses due to the DNSSEC requirements on the other
> hand).

There is an appendix that discusses this:

What should be in the additional section: ANAME makes
sense, but differs from CNAME logic (where the CNAME is in the answer
section).

And should additional target records that match the query type go in the
answer section? From experience with DNAME there is a risk of
interoperability problems if unexpected records are put in the answer
section.

There was indeed no github issue for it, so I created it:
https://github.com/each/draft-aname/issues/62

Please discuss.

Best regards,

Matthijs



> 
> Regards,
> 
> Klaus
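
The truncation concern raised in this thread, as an added example that is not part of the original messages or of the draft: a simplified response assembler that follows RFC 2181, section 9, setting TC only when a required RRset does not fit and silently dropping optional ones. Assumptions: only the answer section is treated as required (a positive answer), names are not compressed, and the zone data and size limits are constructed.

```python
# Simplified model of DNS response assembly under a size limit.
# Zone data and limits below are constructed for illustration.

def name_len(name):
    """Uncompressed wire length: one length octet per label plus the root."""
    return sum(len(label) + 1 for label in name.strip(".").split(".")) + 1

def rr_len(owner, rdlength):
    """Owner + TYPE(2) + CLASS(2) + TTL(4) + RDLENGTH(2) + RDATA."""
    return name_len(owner) + 10 + rdlength

def assemble(qname, answer, authority, additional, limit):
    """Sections are lists of RRsets (owner, type, [rdlength, ...]).
    Returns the TC bit and the RRset types kept in each section."""
    size = 12 + name_len(qname) + 4            # header + question
    out = {"tc": False, "answer": [], "authority": [], "additional": []}
    for owner, rtype, rdlens in answer:        # required: failure sets TC
        need = sum(rr_len(owner, n) for n in rdlens)
        if size + need > limit:
            out["tc"] = True
            return out
        size += need
        out["answer"].append(rtype)
    for section, rrsets in (("authority", authority), ("additional", additional)):
        for owner, rtype, rdlens in rrsets:    # optional: dropped, TC untouched
            need = sum(rr_len(owner, n) for n in rdlens)
            if size + need <= limit:
                size += need
                out[section].append(rtype)
    return out

QNAME = "example.com"
A_SET = (QNAME, "A", [4, 4, 4, 4])
NS_SET = (QNAME, "NS", [name_len("ns1.example.com"), name_len("ns2.example.com")])
ANAME_SET = (QNAME, "ANAME", [name_len("target.example.net")])

def aname_in_additional(limit):
    """Layout of the -02 draft: ANAME travels in the additional section."""
    return assemble(QNAME, [A_SET], [NS_SET], [ANAME_SET], limit)

def aname_in_answer(limit):
    """CNAME-like layout: ANAME is part of the answer section."""
    return assemble(QNAME, [ANAME_SET, A_SET], [NS_SET], [], limit)

if __name__ == "__main__":
    for limit in (170, 512):
        print(limit, aname_in_additional(limit), aname_in_answer(limit))
```

With the constructed 170-byte limit, the additional-section layout returns the address records with TC clear and no ANAME, so the client has no signal that it was dropped; the answer-section layout sets TC instead.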