[DNSOP] NXDOMAIN and RFC 8020

"Murray S. Kucherawy" <superuser@gmail.com> Tue, 06 April 2021 18:11 UTC

From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Tue, 06 Apr 2021 11:11:08 -0700
Message-ID: <CAL0qLwai81BFYfG=u-Z+sVgE8aBvU1gGgOjO_vYH_aLP9GsnxA@mail.gmail.com>
To: dnsop@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/UrGxHJZj_KAYqgsnEVzZafSDFJE>
Subject: [DNSOP] NXDOMAIN and RFC 8020

I'm wondering something about tree walks, which John Levine asked about in
November, as it's a topic of interest to the evolution of DMARC.

I've read RFC 8020 which says an NXDOMAIN cached for "foo.example" also
covers later queries for "bar.foo.example".  Makes sense.

Can this be used (or maybe amended) to cover the queries if they come in
the reverse order?  For instance, if "bar.foo.example" arrives first, but
the authoritative server can determine that the entire "foo.example" tree
doesn't exist, could it reply with an NXDOMAIN for the question plus a
cacheable indication about the entire tree instead of just the name that
was in the question?

This would make an ascending tree walk even for something crazy like
"a.b.c.d.....y.z.foo.example" extremely cheap as the cached NXDOMAIN for
"foo.example" covers the entire subtree, for a caching nameserver
implementing RFC 8020.

Maybe this is discussed somewhere that I missed in the references.  I'm
happy to take a "go read this for the answer" if that's the case.

Thanks,

-MSK
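Added example, not part of the message above and not an implementation of anything in RFC 8020: a toy resolver negative cache that models the RFC 8020 rule (an NXDOMAIN cached for a name also answers later queries for names below it) and simulates the ascending tree walk described in the message. The `cut` hint is a hypothetical modelling of the proposal in the message (a cacheable "this whole subtree is absent" indication); it exists in no deployed protocol here. The cache only honours such a hint when the hinted name is an ancestor of the question, so an answer can never negatively cache names outside the branch that was asked about. One caveat worth knowing: for DNSSEC-signed zones, RFC 8198 (aggressive use of DNSSEC-validated cache) already lets a validating resolver use the NSEC/NSEC3 records in the NXDOMAIN response to conclude that the closest encloser's missing subtree is absent, which is the effect the message is after.

```python
# Added example (not from the original message).  Models RFC 8020 negative
# caching plus a HYPOTHETICAL "cut" hint standing in for the message's
# proposal; the domain names and the ToyAuthority zone are constructed.
from dataclasses import dataclass, field
from typing import Optional


def labels(name: str) -> tuple[str, ...]:
    """Canonical label tuple: 'A.b.Example.' -> ('a', 'b', 'example')."""
    return tuple(lbl.lower() for lbl in name.strip(".").split(".") if lbl)


def is_ancestor_or_self(anc: tuple[str, ...], name: tuple[str, ...]) -> bool:
    """True if `anc` equals `name` or is one of its parent names."""
    return 0 < len(anc) <= len(name) and name[len(name) - len(anc):] == anc


class NxdomainCache:
    """Resolver-side negative cache with RFC 8020 NXDOMAIN-cut semantics."""

    def __init__(self) -> None:
        self._nx: set[tuple[str, ...]] = set()

    def covers(self, qname: str) -> bool:
        """Cache hit if qname equals, or lies below, a name known not to exist."""
        q = labels(qname)
        return any(is_ancestor_or_self(nx, q) for nx in self._nx)

    def record_nxdomain(self, qname: str, cut: Optional[str] = None) -> str:
        """Cache an NXDOMAIN for qname.  The hypothetical `cut` hint is only
        honoured when it is an ancestor of qname; an out-of-branch hint falls
        back to plain RFC 8020 behaviour (cache the question name itself)."""
        q = labels(qname)
        c = labels(cut) if cut else q
        if not is_ancestor_or_self(c, q):
            c = q
        self._nx.add(c)
        return ".".join(c)


@dataclass
class ToyAuthority:
    """Constructed authoritative server for 'example' in which the whole
    'foo.example' subtree is absent.  with_cut=True adds the hypothetical hint."""
    missing_subtree: str = "foo.example"
    with_cut: bool = False
    queries: list[str] = field(default_factory=list)

    def query(self, qname: str) -> tuple[str, Optional[str]]:
        self.queries.append(qname)
        if is_ancestor_or_self(labels(self.missing_subtree), labels(qname)):
            return "NXDOMAIN", (self.missing_subtree if self.with_cut else None)
        return "NOERROR", None


def resolve(cache: NxdomainCache, auth: ToyAuthority, qname: str) -> str:
    """Serve from the negative cache when RFC 8020 allows it, else go upstream."""
    if cache.covers(qname):
        return "NXDOMAIN (cache)"
    rcode, cut = auth.query(qname)
    if rcode == "NXDOMAIN":
        cache.record_nxdomain(qname, cut)
    return rcode


def ascending_walk(name: str, stop: str, with_cut: bool) -> tuple[list[str], int]:
    """Query `name`, then each parent up to `stop` (a DMARC-style tree walk).
    Returns the per-name result and how many queries reached the authority."""
    cache, auth = NxdomainCache(), ToyAuthority(with_cut=with_cut)
    results: list[str] = []
    lbls = list(labels(name))
    while len(lbls) >= len(labels(stop)):
        qname = ".".join(lbls)
        results.append(f"{qname}: {resolve(cache, auth, qname)}")
        lbls = lbls[1:]
    return results, len(auth.queries)


def descending_demo() -> tuple[str, str]:
    """The RFC 8020 case: parent queried first, child then served from cache."""
    cache, auth = NxdomainCache(), ToyAuthority()
    return resolve(cache, auth, "foo.example"), resolve(cache, auth, "bar.foo.example")


if __name__ == "__main__":
    print("descending:", descending_demo())
    for with_cut in (False, True):
        res, upstream = ascending_walk("a.b.c.foo.example", "example", with_cut)
        print(f"ascending, cut hint={with_cut}: {upstream} upstream queries")
        print("  " + "\n  ".join(res))
```

Running it shows the asymmetry the message points at: with plain RFC 8020 every step of the ascending walk is a parent of the previous question, so none is covered by the cache and all five names go upstream; with the hypothetical hint, the first NXDOMAIN caches `foo.example` and the next three steps are served locally.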