Re: [DNSOP] New version of draft-ietf-dnsop-resolver-priming
神明達哉 <jinmei@wide.ad.jp> Fri, 29 January 2016 18:38 UTC
Return-Path: <jinmei.tatuya@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B18871B2DBB for <dnsop@ietfa.amsl.com>; Fri, 29 Jan 2016 10:38:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.978
X-Spam-Level:
X-Spam-Status: No, score=-0.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SpEmXaPzp4H3 for <dnsop@ietfa.amsl.com>; Fri, 29 Jan 2016 10:38:10 -0800 (PST)
Received: from mail-ig0-x234.google.com (mail-ig0-x234.google.com [IPv6:2607:f8b0:4001:c05::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 836B21B2DAE for <dnsop@ietf.org>; Fri, 29 Jan 2016 10:38:10 -0800 (PST)
Received: by mail-ig0-x234.google.com with SMTP id h5so39293757igh.0 for <dnsop@ietf.org>; Fri, 29 Jan 2016 10:38:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=SCQsekyxb0NQVGoxx3vne/sWToTvAQeQfHTbTpFS6YA=; b=uNAA8qbuyzwoEgrAjNZZzyt/7u9Y0uBTO4AxJVPwVcDTkwTOV1nxYYPl1hgfQXSpte /RGXe1SMkxoQBnAwkhuIPpqyD5S+BYRiUut6vmiY3KDiHunvgksfm03GujN6R5Lj7uPz AGa6TwOOgnurZq/5sU3eZF4Cy3qNYEwZ9GKyLs8alaU4nOS3OJb60Zg1E0XJL8RTjiBQ cPJXJutBSlfP4jzxZJmg/dZBAMbOe35Xw6xR0hHWYFrpSy5/BTUyZSdrJuQdZapWTH9H nY10Jw4dSVWB46hTOQxbJBeLFXLGbLCthoO6yYys8jpj9ExIvfoZqtIqTFPusX6m5DmE OPRA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=SCQsekyxb0NQVGoxx3vne/sWToTvAQeQfHTbTpFS6YA=; b=Te93b5u5fTuAlrnDgg5BodSvAQhLC9ynwuBdiXiGWfyxbv722dfybzKAE9MfVWVdCl zEm0K3owBYt3iT/QIwVqnEkXwKFafJHBzgEFG5tb54j4uqhXtWyiS7FbFyDKCIO9slx6 8ReKlhA+0WpixAAFDKKXlWhEuQxGumfE0COa5dmsrKuoeCDgTlocMXbaPzUhckuzCW3G mk2KK6qGLPhNbG3hcfqEZnbgxfm4cF7R1J3IWjqEsEyZi37/irnC++kaxC1kccVkDb7s 2a6rK0V5OWnRFhwqWjjUKI6CR0FZ3Fgb4NsUJ4lGk+5sQTmuKBdw7N47TjHqXJz8B1HD cYXw==
X-Gm-Message-State: AG10YOTXJ3N9RN9Q2+TogHU987JFBMiRqtaTuSHC4E3Ybj6BANB5ZUl+mDY1u/d0yvI7rZnoVF9ASBL9ynhFVg==
MIME-Version: 1.0
X-Received: by 10.50.79.167 with SMTP id k7mr10411141igx.41.1454092689842; Fri, 29 Jan 2016 10:38:09 -0800 (PST)
Sender: jinmei.tatuya@gmail.com
Received: by 10.107.136.90 with HTTP; Fri, 29 Jan 2016 10:38:09 -0800 (PST)
In-Reply-To: <E764A09B-3E16-4F93-96B4-B8CDDEBE766B@vpnc.org>
References: <E19574D8-7460-4910-B65F-5355DFCA7313@vpnc.org> <CAJE_bqfWFGfjmXwEhXNfEsE_crH6e51Y1HrYrCD4AnWHwMVSiQ@mail.gmail.com> <4DC64D5D-CCCD-4A07-A285-C9E16773F56C@vpnc.org> <CAJE_bqdN-dn8VHmQo-iVOo40Z40=8SeK-3CvFKT7jTr-qJ4LOA@mail.gmail.com> <E764A09B-3E16-4F93-96B4-B8CDDEBE766B@vpnc.org>
Date: Fri, 29 Jan 2016 10:38:09 -0800
X-Google-Sender-Auth: FY84uxup-vvkhGmj9gknyCxqiBs
Message-ID: <CAJE_bqe7cgR1wAQ=ktjKPtVzgCg=1uUr_r3q64LNFn_zCPgPkA@mail.gmail.com>
From: 神明達哉 <jinmei@wide.ad.jp>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/VMV2AWhHqrPLABjLFf1NXW4NqGM>
Cc: dnsop WG <dnsop@ietf.org>
Subject: Re: [DNSOP] New version of draft-ietf-dnsop-resolver-priming
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Jan 2016 18:38:11 -0000
At Fri, 22 Jan 2016 09:28:21 -0800, "Paul Hoffman" <paul.hoffman@vpnc.org> wrote: > > Right, but there's no requirement what to be put in the additional > > section, so this "expected property" relies on a particular > > implementation behavior (rather than something we can expect from any > > "protocol-compliant" implementation). That's fine to me, but I > > thought it should be clearly stated. > > This is a good point: the current text conflates all three things. How > about: > > The priming response is expected to have an RCODE of NOERROR, and to > have the > AA bit set. Also, it is expected to have an NS RRSet in the Answer > section (because the > NS RRSet originates from the root zone), and an empty Authority section > (because the > NS RRSet already appears in the answer section). There may be an > Additional section with A > and/or AAAA RRSets for the root name servers pointed at by the NS RRSet. (sorry for the delayed response) in clarity it now looks good, but I'm not sure this is enough as a description of priming query behavior. I would wonder what if the AAAA and/or A RRSets are missing - in that case the result of the priming query is almost useless or could even be harmful as you'd now only cache the new ./NS RRSet (which could be totally different from that of the "hint"). If I were to write this text, I'd say something like this: The priming response is expected to have an RCODE of NOERROR, and to have the AA bit set. Also, it is expected to have an NS RRSet in the Answer section (because the NS RRSet originates from the root zone), and an empty Authority section (because the NS RRSet already appears in the answer section). The Additional section is conventionally expected to include A and/or AAAA RRSets for the root name servers pointed at by the NS RRSet. Although these RRSets are not guaranteed to be included by the protocol standards, they are essential for the priming response to be useful in practice, and currently deployed root servers actually meet the expectation. -- JINMEI, Tatuya
- [DNSOP] New version of draft-ietf-dnsop-resolver-… Paul Hoffman
- Re: [DNSOP] New version of draft-ietf-dnsop-resol… 神明達哉
- Re: [DNSOP] New version of draft-ietf-dnsop-resol… Paul Hoffman
- Re: [DNSOP] New version of draft-ietf-dnsop-resol… Warren Kumari
- Re: [DNSOP] New version of draft-ietf-dnsop-resol… 神明達哉
- Re: [DNSOP] New version of draft-ietf-dnsop-resol… Paul Hoffman
- Re: [DNSOP] New version of draft-ietf-dnsop-resol… 神明達哉
- Re: [DNSOP] New version of draft-ietf-dnsop-resol… Paul Hoffman
- Re: [DNSOP] New version of draft-ietf-dnsop-resol… 神明達哉