Re: [DNSOP] [Ext] WGLC rfc8499bis one week extension for lame delegation definition

Havard Eidnes <> Wed, 03 May 2023 17:00 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 0116BC151546 for <>; Wed, 3 May 2023 10:00:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id akx-E5yLlspE for <>; Wed, 3 May 2023 10:00:42 -0700 (PDT)
Received: from ( []) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by (Postfix) with ESMTPS id 2200BC1519B8 for <>; Wed, 3 May 2023 10:00:39 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 87EC043E9A2; Wed, 3 May 2023 19:00:37 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=he201803; t=1683133237; bh=VTI6iXP6+jTod9HCEYJ2YQQh/x0lO5Xgp3EzaSLF1DM=; h=Date:To:Cc:Subject:From:In-Reply-To:References:From; b=OlTsrn0SYW9AQ3bhEeNyKx6TyK1hPS3jkAA32ovcRVxNhAINF+lQjmwCj63LIbbp1 OiR/03DScnih+rnOVEyE/qZl4UcgAx+ewrB6ta7SjeX5zXSnpxSHeLsblMJkGN+2rE H17OiaCBroVSQFcOBz5Lb8stEFAl8LSheuT++rwQ=
Date: Wed, 03 May 2023 19:00:37 +0200
Message-Id: <>
From: Havard Eidnes <>
In-Reply-To: <>
References: <> <> <>
X-Mailer: Mew version 6.9 on Emacs 26.3
Mime-Version: 1.0
Content-Type: Text/Plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Archived-At: <>
Subject: Re: [DNSOP] [Ext] WGLC rfc8499bis one week extension for lame delegation definition
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 03 May 2023 17:00:47 -0000

> A lame delegation is said to exist when a server assumed (by
> the querier) to be authoritative for a zone replies
> non-authoritatively for {any|all} data within the zone.
> 3) {any|all} open question...can a server be "partially lame?"

Sadly, yes, ref. suspected load balancers who have been taught
how to reply to A queries, but return empty non-AA answers
(possibly with authority information) when queried for other
record types, such as AAAA, ref.

dig a


dig aaaa

(this example came up earlier in the discussion, just repeating
it here as an example)

See the results of querying for "ns" or "soa", they are also
non-AA but with a authority section among others pointing to
itself, similar to the result for the "aaaa" query.


- Håvard