Re: [DNSOP] Clarifying referrals (#35)

Andrew Sullivan <ajs@anvilwalrusden.com> Tue, 14 November 2017 06:32 UTC

Date: Tue, 14 Nov 2017 01:32:10 -0500
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: dnsop@ietf.org
Message-ID: <20171114063209.gjubqyovnwcrl33a@mx4.yitter.info>
References: <20171112075445.tf2ut5dxzhhnqe7l@mx4.yitter.info> <20171112131831.GA32208@laperouse.bortzmeyer.org> <20171113014445.ncldrwnuuvluecx7@mx4.yitter.info> <5A08FD96.8030907@redbarn.org> <20171113020736.ga7rzgst2hurb56h@mx4.yitter.info> <5A09068A.3030206@redbarn.org> <20171113032640.tbn7icsllm6jeeny@mx4.yitter.info> <5A09C4D6.6080202@redbarn.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <5A09C4D6.6080202@redbarn.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Ympd1aUNPTuv9LuK-4Kpfcl88Xs>
Subject: Re: [DNSOP] Clarifying referrals (#35)
Precedence: list

Hi,

On Mon, Nov 13, 2017 at 08:14:14AM -0800, Paul Vixie wrote:
> > If I ask the authoritative server for example.com about a name
> > label.example.net, in a graph-theoretic sense the NS RRset for the
> > root zone is clearly closer to label.example.net than anything else I
> > can give.
> 
> dns is not that kind of graph.
> 
> if the qname is acetes.pa.dec.com and the query is being processed by the
> dec.com authority server who knows that pa.dec.com is a delegation, then
> pa.dec.com is closer to acetes.pa.dec.com than the root would be.

Obviously.  But your example is still on the current tree, just not
immediately below.  The example I gave is in a completely different
section of the tree, and my point is that none of the text you quoted
shows why "." isn't the "closer server" that an authoritative server
somewhere beneath com. can give in response to a qname that is
somewhere beneath net.  We might think today that is a misfeature in
STD13, but I don't think it's a misinterpretation of what STD13 says.
I don't know what kind of graph would make that false.

> as i wrote during the SOPA wars, REFUSED has been widely used as an
> administrative denial, and repurposing it would not be effective at this
> late date.

This, too, seems to be a claim that is at best poorly justified.  It
might be that it is how BIND interprets the RCODE, but it's not what
it is defined to be. I'm anyway not sure your description in the
circleid piece (or elsewhere) is inconsistent with the RFC 1035
definition of RCODE 5: "The name server refuses to perform the
specified operation for policy reasons."  Refusing to respond to this
or that IP address is a policy, and refusing to perform upward
referrals is also a policy, no?

Best regards,

A

-- 
Andrew Sullivan
ajs@anvilwalrusden.com

[DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Stephane Bortzmeyer
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) John Kristoff
Re: [DNSOP] [Ext] Re: Clarifying referrals (#35) Edward Lewis
[DNSOP] CDS polling, was Re: [Ext] Re: Clarifying… Tony Finch
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] CDS polling, was Re: [Ext] Re: Clarif… Evan Hunt
Re: [DNSOP] Clarifying referrals (#35) Matthew Pounsett
Re: [DNSOP] CDS polling, was Re: [Ext] Re: Clarif… Edward Lewis
Re: [DNSOP] CDS polling, was Re: [Ext] Re: Clarif… Paul Vixie
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] Clarifying referrals (#35) Matthew Pounsett
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] Clarifying referrals (#35) Matthew Pounsett
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] Clarifying referrals (#35) Robert Edmonds
Re: [DNSOP] Clarifying referrals (#35) Evan Hunt
Re: [DNSOP] CDS polling, was Re: [Ext] Re: Clarif… Mark Andrews
Re: [DNSOP] CDS polling, was Re: [Ext] Re: Clarif… Evan Hunt
[DNSOP] another draft (was Re: Clarifying referra… Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] Clarifying referrals (#35) Evan Hunt
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] CDS polling, was Re: [Ext] Re: Clarif… Mark Elkins
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] CDS polling, was Re: [Ext] Re: Clarif… Tony Finch
Re: [DNSOP] Clarifying referrals (#35) Evan Hunt
Re: [DNSOP] CDS polling, was Re: [Ext] Re: Clarif… Jacques Latour
Re: [DNSOP] Clarifying referrals (#35) Dave Lawrence
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] CDS polling, was Re: [Ext] Re: Clarif… Paul Wouters
Re: [DNSOP] Clarifying referrals (#35) Tony Finch
Re: [DNSOP] CDS polling, was Re: [Ext] Re: Clarif… Tony Finch
Re: [DNSOP] Clarifying referrals (#35) Stephane Bortzmeyer
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Mark Andrews
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Mark Andrews
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Mark Andrews
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Mark Andrews
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Mark Andrews
Re: [DNSOP] Clarifying referrals (#35) Mark Andrews
Re: [DNSOP] Clarifying referrals (#35) Evan Hunt
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] Clarifying referrals (#35) Tony Finch
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) P Vix
Re: [DNSOP] Clarifying referrals (#35) Mark Andrews
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Tony Finch
Re: [DNSOP] Clarifying referrals (#35) P Vix
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Tony Finch
Re: [DNSOP] Clarifying referrals (#35) Paul Hoffman
Re: [DNSOP] Clarifying referrals (#35) Evan Hunt
Re: [DNSOP] Clarifying referrals (#35) Evan Hunt
Re: [DNSOP] Clarifying referrals (#35) Dick Franks
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Dick Franks
Re: [DNSOP] Clarifying referrals (#35) Tony Finch
Re: [DNSOP] Clarifying referrals (#35) Dick Franks
Re: [DNSOP] Clarifying referrals (#35) Tony Finch
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Paul Vixie
Re: [DNSOP] Clarifying referrals (#35) Florian Weimer
Re: [DNSOP] Clarifying referrals (#35) Tony Finch
Re: [DNSOP] Clarifying referrals (#35) Andrew Sullivan
Re: [DNSOP] Clarifying referrals (#35) Bob Harold
Re: [DNSOP] Clarifying referrals (#35) Evan Hunt
Re: [DNSOP] Clarifying referrals (#35) Wessels, Duane
Re: [DNSOP] Clarifying referrals (#35) Johannes Naab