Re: [DNSOP] Priming query transport selection

Alex Bligh <alex@alex.org.uk> Wed, 13 January 2010 20:01 UTC

Date: Wed, 13 Jan 2010 20:01:00 +0000
From: Alex Bligh <alex@alex.org.uk>
To: Olafur Gudmundsson <ogud@ogud.com>, dnsop@ietf.org

--On 13 January 2010 13:19:30 -0500 Olafur Gudmundsson <ogud@ogud.com> wrote:

> Going forward I think this is a bad recommendation.  I would like to
> propose that the document take the plunge of recommending that
> modern DNSSEC capable resolvers perform the priming query over TCP.
...
> By making this change section 2.4 can be dropped, the one
> on not asking for signed answers.

Not sure I agree.

I think there is a good case to be made that IF the DO bit is set,
THEN the response SHOULD be made over TCP, but you are asking
that even non DNSSEC capable resolvers which would query with
DO clear make queries over TCP; in these instances the response
packet would be much smaller.

-- 
Alex Bligh
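
The transport rule discussed in this message (TCP when the priming query sets DO, UDP when DO is clear), sketched as an added example that is not part of the original post. The function names, the 4096-byte EDNS0 payload size and the choice of RD=0 are assumptions made for illustration.

```python
import struct

TYPE_NS, TYPE_OPT, CLASS_IN = 2, 41, 1
DO_FLAG = 0x8000  # DNSSEC OK: top bit of the 16-bit EDNS0 flags (RFC 3225)

def build_priming_query(query_id, do_bit, udp_payload=4096):
    """Wire-format query for ". IN NS"; an OPT RR is appended only if do_bit."""
    # Header: ID, flags (all clear, so RD=0), QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT
    msg = struct.pack("!HHHHHH", query_id, 0, 1, 0, 0, 1 if do_bit else 0)
    msg += b"\x00" + struct.pack("!HH", TYPE_NS, CLASS_IN)  # QNAME is the root
    if do_bit:
        # OPT RR: root owner, TYPE=41, CLASS=UDP payload size (assumed 4096),
        # TTL=ext-rcode(8)|version(8)|flags(16), RDLENGTH=0
        msg += b"\x00" + struct.pack("!HHIH", TYPE_OPT, udp_payload, DO_FLAG, 0)
    return msg

def skip_name(msg, off):
    """Return the offset just past the domain name starting at off."""
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:  # a compression pointer ends the name
            return off + 2
        off += msg[off] + 1
    return off + 1

def has_do_bit(msg):
    """True if the message carries an OPT RR with the DO flag set."""
    qd, an, ns, ar = struct.unpack("!HHHH", msg[4:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == TYPE_OPT and ttl & DO_FLAG:
            return True
        off += 10 + rdlen
    return False

def select_transport(msg):
    """Hypothetical policy helper: TCP when DO is set, UDP otherwise."""
    if has_do_bit(msg):
        # DNS over TCP prefixes each message with a 2-byte length (RFC 1035)
        return "tcp", struct.pack("!H", len(msg)) + msg
    return "udp", msg
```
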