Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01.txt
Tony Finch <dot@dotat.at> Wed, 31 January 2018 17:01 UTC
Return-Path: <dot@dotat.at>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7F7A1316EA for <dnsop@ietfa.amsl.com>; Wed, 31 Jan 2018 09:01:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.219
X-Spam-Level:
X-Spam-Status: No, score=-4.219 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dY5DqUSs15yU for <dnsop@ietfa.amsl.com>; Wed, 31 Jan 2018 09:01:25 -0800 (PST)
Received: from ppsw-30.csi.cam.ac.uk (ppsw-30.csi.cam.ac.uk [131.111.8.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2610412EC08 for <dnsop@ietf.org>; Wed, 31 Jan 2018 09:00:50 -0800 (PST)
X-Cam-AntiVirus: no malware found
X-Cam-ScannerInfo: http://help.uis.cam.ac.uk/email-scanner-virus
Received: from grey.csi.cam.ac.uk ([131.111.57.57]:35132) by ppsw-30.csi.cam.ac.uk (ppsw.cam.ac.uk [131.111.8.136]:25) with esmtps (TLSv1:ECDHE-RSA-AES256-SHA:256) id 1egvkf-000cxK-cq (Exim 4.90) (return-path <dot@dotat.at>); Wed, 31 Jan 2018 17:00:49 +0000
Date: Wed, 31 Jan 2018 17:00:48 +0000
From: Tony Finch <dot@dotat.at>
To: dnsop@ietf.org, each@isc.org, peter.van.dijk@powerdns.com, anthony.eden@dnsimple.com
In-Reply-To: <42A570AB-26D8-451D-89CB-84E9800CA30E@dotat.at>
Message-ID: <alpine.DEB.2.11.1801311632090.30577@grey.csi.cam.ac.uk>
References: <151573473976.18703.16142464801623244164@ietfa.amsl.com> <alpine.DEB.2.11.1801301852340.12461@grey.csi.cam.ac.uk> <42A570AB-26D8-451D-89CB-84E9800CA30E@dotat.at>
User-Agent: Alpine 2.11 (DEB 23 2013-08-11)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/JsCXixrggTRbmKwFITZlK-dz-lc>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Jan 2018 17:01:32 -0000
I've been pondering DNSSEC and additional data. I think it's currently the case for additional section processing in general that if (say) an AAAA RRset isn't present, then nothing is added to the additional section. I think it would be better to add an NSEC(3) proof of nonexistence if the relevant zone is signed. The ANAME draft is consistent with traditional behaviour. I vaguely wonder if it would be worth encouraging additional section PNEs, or if it would be wedging too much into the spec. One reason not to beef it up in this way is that, as currently written, ANAME generally doesn't require two upstream queries for one incoming query - if the other address type isn't cached the server can just omit it. The exception is a dynamic signed PNE where the server has to ensure the type bitmap is correct. On the other hand, if it is beefed up then an ANAME query effectively becomes the mythical one-message A+AAAA query. I dunno if this counts in favour or against :-) Tony. -- f.anthony.n.finch <dot@dotat.at> http://dotat.at/ - I xn--zr8h punycode Hebrides, Bailey, Fair Isle, Faeroes, Southeast Iceland: Cyclonic at first in Fair Isle, otherwise northerly or northwesterly 6 to gale 8, occasionally severe gale 9. Very rough or high. Squally wintry showers. Good, occasionally poor.
- [DNSOP] I-D Action: draft-ietf-dnsop-aname-01.txt internet-drafts
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Bob Harold
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Richard Gibson
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Wessels, Duane
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Evan Hunt
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Wessels, Duane
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Evan Hunt
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Stefan Bühler
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Bjørn Mork
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Evan Hunt
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Evan Hunt
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Tony Finch
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Tony Finch
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Tony Finch
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Stefan Bühler
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Evan Hunt
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01… Tony Finch