Re: [DNSOP] NXDOMAIN and RFC 8020

"Murray S. Kucherawy" <superuser@gmail.com> Tue, 06 April 2021 19:03 UTC

To: Shumon Huque <shuque@gmail.com>
Cc: "dnsop@ietf.org WG" <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/ZXqSVTFpqyD70NDRTO88kNmCzPA>

On Tue, Apr 6, 2021 at 11:48 AM Shumon Huque <shuque@gmail.com> wrote:

> Without DNSSEC, there is no current way to provide an indication about the
> longest ancestor of the name that did exist. With DNSSEC, the NSEC or NSEC3
> records in the response can do this (as well as providing cryptographic
> proof of this assertion with their signatures).
>

Thanks, this (and the others) is helpful.

Focusing on "no current way", could the process described in RFC 8020
theoretically be amended to do so?  It's fine if the answer is "no", but
I'd love to understand why if that's the case.

-MSK
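
The quoted point about NSEC records, shown as an added example that is not part of the thread: given the NSEC record that covers a nonexistent name, the longest existing ancestor is the longer of the name's common ancestors with the NSEC owner and with its next name. The zone names are constructed, signature validation is omitted, and the query name is assumed to lie inside the zone.

```python
# Added example (not from the thread): find the longest existing ancestor
# ("closest encloser") of a nonexistent name from its covering NSEC record.
# Simplification: names are plain ASCII with no escaped dots inside labels.

def labels(name):
    """Split a presentation-format name into lowercase labels, root first."""
    name = name.rstrip(".").lower()
    return tuple(reversed(name.split("."))) if name else ()

def canonical_key(name):
    """Sort key for RFC 4034 section 6.1 canonical ordering (right to left)."""
    return tuple(label.encode("ascii") for label in labels(name))

def covers(owner, next_name, qname):
    """True if the NSEC (owner -> next_name) proves qname does not exist."""
    o, n, q = map(canonical_key, (owner, next_name, qname))
    if o < n:
        return o < q < n
    # Last NSEC in the chain: its next name wraps around to the zone apex.
    return q > o or q < n

def common_ancestor(a, b):
    """Labels (root first) shared by both names; may equal one of them."""
    shared = []
    for x, y in zip(labels(a), labels(b)):
        if x != y:
            break
        shared.append(x)
    return tuple(shared)

def closest_encloser(owner, next_name, qname):
    """Longest ancestor of qname that the covering NSEC shows to exist."""
    if not covers(owner, next_name, qname):
        raise ValueError("NSEC record does not cover qname")
    # Ancestors of the owner and of the next name exist (possibly as empty
    # non-terminals); any longer ancestor of qname falls inside the gap.
    best = max(common_ancestor(qname, owner),
               common_ancestor(qname, next_name), key=len)
    return ".".join(reversed(best)) + "."

if __name__ == "__main__":
    # Constructed zone: example.com, a.example.com, x.y.example.com,
    # z.example.com. y.example.com exists only as an empty non-terminal.
    print(closest_encloser("a.example.com.", "x.y.example.com.",
                           "foo.bar.y.example.com."))
```

Here the answer comes from the NSEC next name rather than its owner, which is how an empty non-terminal such as `y.example.com.` shows up as the longest existing ancestor.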