[DNSOP] Roman Danyliw's No Objection on draft-ietf-dnsop-qdcount-is-one-03: (with COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Sun, 16 June 2024 17:46 UTC

Roman Danyliw has entered the following ballot position for
draft-ietf-dnsop-qdcount-is-one-03: No Objection

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-qdcount-is-one/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

** idnits says

  == The 'Updates: ' line in the draft header should list only the _numbers_
     of the RFCs which will be updated by this document (if approved); it
     should not include the word 'RFC' in the list.

** Section 4.
   Firewalls that process DNS messages in order to eliminate unwanted
   traffic SHOULD treat messages with OPCODE = 0 and QDCOUNT > 1 as
   malformed traffic and return a FORMERR response as described above.
   Such firewalls MUST NOT treat messages with OPCODE = 0 and QDCOUNT =
   0 as malformed.  See Section 4 of [RFC8906] for further guidance.

(Editorial) Should the term “firewall” be generalized to “middle box” (or
something similar)?  I ask because I’m wondering if DNS proxies, UTMs, or IPSs
should also follow this advice?
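
The header check that the quoted Section 4 text describes, as an added example that is not part of this message or of the draft. It classifies a raw DNS message from its OPCODE and QDCOUNT fields alone. The function names, the sample messages and the header-only shape of the FORMERR reply are assumptions made for illustration.

```python
import struct

FORMERR = 1  # RCODE 1 (format error)

def header(msg_id, opcode, qdcount, qr=0, rd=1):
    """Build a 12-byte DNS header (constructed test input)."""
    flags = (qr << 15) | (opcode << 11) | (rd << 8)
    return struct.pack("!HHHHHH", msg_id, flags, qdcount, 0, 0, 0)

def question(name, qtype=1, qclass=1):
    """Encode one question entry: QNAME labels, QTYPE, QCLASS."""
    labels = b"".join(bytes([len(l)]) + l.encode() for l in name.split("."))
    return labels + b"\x00" + struct.pack("!HH", qtype, qclass)

def classify(msg):
    """Return 'short', 'malformed' or 'pass' using only the header fields."""
    if len(msg) < 12:
        return "short"
    _, flags, qdcount = struct.unpack("!HHH", msg[:6])
    opcode = (flags >> 11) & 0xF
    if opcode == 0 and qdcount > 1:
        return "malformed"
    return "pass"  # OPCODE = 0 with QDCOUNT = 0 or 1, and every other OPCODE

def formerr_reply(query):
    """Header-only FORMERR reply (assumed shape): same ID, QR=1, OPCODE and RD copied."""
    msg_id, flags = struct.unpack("!HH", query[:4])
    out = 0x8000 | (flags & 0x7800) | (flags & 0x0100) | FORMERR
    return struct.pack("!HHHHHH", msg_id, out, 0, 0, 0, 0)

def handle(msg):
    """Return (verdict, reply); reply is set only for a malformed query (QR = 0)."""
    verdict = classify(msg)
    is_query = len(msg) >= 12 and not (msg[2] & 0x80)
    reply = formerr_reply(msg) if verdict == "malformed" and is_query else None
    return verdict, reply

# Constructed sample messages.
SAMPLES = {
    "two questions": header(0x1234, 0, 2) + question("a.example") + question("b.example"),
    "one question": header(0x1235, 0, 1) + question("a.example"),
    "no question": header(0x1236, 0, 0),
    "opcode 5, count 2": header(0x1237, 5, 2),
    "truncated": b"\x12\x38\x01",
}

if __name__ == "__main__":
    for label, msg in SAMPLES.items():
        verdict, reply = handle(msg)
        print(f"{label:18} {verdict:9} {reply.hex() if reply else '-'}")
```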