Re: [DNSOP] WGLC: "Considerations for the use of DNS Reverse Mapping"

Andrew Sullivan <ajs@commandprompt.com> Sat, 29 March 2008 19:18 UTC

Dear colleagues, 

I received some time ago some comments off-list on the reverse-mapping
considerations document.  I attempted unsuccessfully to convince the
reviewer to send his substantive comments to the WG list, but he did
not feel comfortable with that.  (He also provided a number of helpful
editorial comments, which we incorporated in the most recent version
of the draft.)

I here will attempt to summarize my understanding of his comments.


The reviewer takes exception to the suggestion that delegations in the
forward zone should ideally have an entry in the reverse zone too.
Instead, he suggests that there be _at least one_ matching reverse;
e.g.,

         A (PTR (ipaddr))   == ipaddr                                           
or       A (PTR (A (fqdn))) == A (fqdn)

but not many more.  The reviewer argues that the draft should in fact
argue against adding multiple ("more than a handful") PTR(s) for a
given address.

It was our (the editors') impression that the above is consistent with
what the draft actually says, but that it has a different emphasis.
That is, we think the draft says that existing reverse data is
generally good, and matching reverse is nice to have, but that you
shouldn't take this too far.  We decided not to try to change this in
the draft on the grounds of the support we had so far, but we're
certainly open to changes if others think this message is garbled in
the existing version of the draft.

I hope I've done justice to the reviewer's comments.

Best regards,

A

-- 
Andrew Sullivan
ajs@commandprompt.com
+1 503 667 4564 x104
http://www.commandprompt.com/
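
The matching check summarized in the message above, A (PTR (ipaddr)) == ipaddr and A (PTR (A (fqdn))) == A (fqdn), as an added example that is not part of the original post or of the draft. The zone data is constructed (documentation addresses and example.com names), the function names are hypothetical, and the limit of 5 PTRs is an assumption standing in for "more than a handful".

```python
# Added example: constructed in-memory zone data, no live DNS queries.
MAX_PTRS = 5  # assumption: the message only says "more than a handful"

# Constructed forward zone: owner name -> set of A record addresses.
FORWARD = {
    "www.example.com.": {"192.0.2.10"},
    "mail.example.com.": {"192.0.2.20"},
    "old.example.com.": {"192.0.2.99"},
}
for i in range(8):  # eight virtual-host names sharing one address
    FORWARD[f"site{i}.example.com."] = {"192.0.2.40"}

# Constructed reverse zone: address -> list of PTR targets.
REVERSE = {
    "192.0.2.10": ["www.example.com."],
    "192.0.2.20": ["stale.example.com.", "mail.example.com."],  # one dead name, one match
    "192.0.2.30": ["old.example.com."],  # PTR exists, but the name points elsewhere
    "192.0.2.40": [f"site{i}.example.com." for i in range(8)],  # a PTR per vhost
}

def a(name):
    """A(name): the set of addresses for a name (empty if none)."""
    return FORWARD.get(name, set())

def ptr(addr):
    """PTR(addr): the list of names for an address (empty if none)."""
    return REVERSE.get(addr, [])

def check_address(addr):
    """A (PTR (ipaddr)) == ipaddr, satisfied by at least one PTR target."""
    names = ptr(addr)
    if not names:
        return "no-ptr"
    if not any(addr in a(n) for n in names):
        return "mismatch"
    # A match exists; separately flag the many-PTRs case the reviewer objects to.
    return "match-excess-ptrs" if len(names) > MAX_PTRS else "match"

def check_name(fqdn):
    """A (PTR (A (fqdn))) == A (fqdn): the address check for each A record."""
    return {addr: check_address(addr) for addr in sorted(a(fqdn))}

if __name__ == "__main__":
    for addr in ["192.0.2.10", "192.0.2.20", "192.0.2.30", "192.0.2.40", "192.0.2.99"]:
        print(addr, check_address(addr))
    print(check_name("old.example.com."))
```
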