Re: [DNSOP] NXDOMAINs as in RFC 1034

Mukund Sivaraman <muks@mukund.org> Tue, 29 May 2018 05:45 UTC

Date: Tue, 29 May 2018 11:15:03 +0530
From: Mukund Sivaraman <muks@mukund.org>
To: Shumon Huque <shuque@gmail.com>
Cc: "dnsop@ietf.org WG" <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/L8VjWgVkDo-S6vKYPYn_lfRLJKs>

Hi Shumon

On Mon, May 28, 2018 at 09:46:08PM -0400, Shumon Huque wrote:
> Yes, I agree with all of this. As you say, the tree structure of the domain
> name space implies the very interpretation of NXDOMAIN that RFC 8020
> attempted to clarify more explicitly.
> 
> As for ambiguities in RFC 1034, the text in 8020 that mentions this issue:
> 
>   "This is due to an ambiguity in
>    [RFC1034] that failed to distinguish Empty Non-Terminal (ENT) names
>    ([RFC7719]) from nonexistent names (Section 3.1)."
> 
> came directly from Vixie et al.'s resimprove draft (Section 3), which was
> RFC 8020's starting point. Personally, I did not find any ambiguities in
> RFC 1034 with respect to how DNS servers should respond to empty
> non-terminals, but clearly a number of implementations did not do the right
> thing, so the topic likely did deserve some clarification. Also, if I recall
> correctly, RFC 1034 does not explicitly mention empty non-terminals - they
> did not have a definitional term at that time although the concept was
> surely known.

RFC 1034 states in 3.1 "The domain system makes no distinctions between
the uses of the interior nodes and leaves, and this memo uses the term
"node" to refer to both."

Then, it states in 3.6 "A domain name identifies a node.  Each node has
a set of resource information, which may be empty."

(Note that names are not the item considered here, nodes are.)

The above describes that any leaf and/or interior nodes may be empty.
It does not mention the word "terminal" which is a more modern DNS word,
but it's clear that it refers to leaf nodes, and ENTs are empty interior
nodes. They have to exist for them to be interior nodes.

I agree clarification is good, and so RFC 8020++.. however note the
point Vixie makes - NXDOMAINs for ENTs have never been correct in the
DNS. RFC 8020 clarifies it, but the implementations which return
NXDOMAINs are broken against RFC 1034 onwards.

		Mukund
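
The node-tree reading of RFC 1034 discussed in this message, as an added Python example that is not part of the original e-mail or of any DNS implementation. The zone contents and all function names are constructed for illustration, and the sketch assumes a single-label apex with no wildcards or delegations; it also shows why an NXDOMAIN for an ENT makes an RFC 8020 resolver deny real names beneath it.

```python
# Added illustration: zone data and function names are constructed.
NOERROR, NODATA, NXDOMAIN = "NOERROR", "NOERROR/NODATA", "NXDOMAIN"

def labels(name):
    """Split a domain name into lowercase labels, root-most label first."""
    return tuple(reversed(name.rstrip(".").lower().split(".")))

def build_tree(records):
    """Map each node (label tuple) to the set of RR types it owns.

    Every ancestor of an owner name becomes a node too, with an empty
    set: these are the empty interior nodes (ENTs) of RFC 1034 3.1/3.6.
    """
    tree = {}
    for owner, rrtype in records:
        path = labels(owner)
        for i in range(1, len(path) + 1):
            tree.setdefault(path[:i], set())
        tree[path].add(rrtype)
    return tree

def respond(tree, qname, qtype):
    """Answer per RFC 1034: NXDOMAIN only when the node does not exist."""
    node = tree.get(labels(qname))
    if node is None:
        return NXDOMAIN  # no such node, hence nothing beneath it either
    return NOERROR if qtype in node else NODATA  # node exists, may be empty

def broken_respond(tree, qname, qtype):
    """The faulty behaviour: an existing but empty node gets NXDOMAIN."""
    node = tree.get(labels(qname))
    if not node:  # conflates "missing" with "present but empty"
        return NXDOMAIN
    return NOERROR if qtype in node else NODATA

def denied_by_cut(cached_nxdomain, qname):
    """RFC 8020 resolver: a cached NXDOMAIN denies every name beneath it."""
    cut, q = labels(cached_nxdomain), labels(qname)
    return q[:len(cut)] == cut

# Constructed zone: "b.example." owns no records but has a child node.
ZONE = build_tree([
    ("example.", "SOA"), ("example.", "NS"),
    ("a.b.example.", "A"),
    ("www.example.", "A"),
])
```

With the broken server, a query for `b.example.` yields an NXDOMAIN that an RFC 8020 resolver then applies to `a.b.example.`, even though that name has an A record.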