[DNSOP] Re: Fwd: New Version Notification for draft-ietf-dnsop-zoneversion-10.txt

"Wessels, Duane" <dwessels@verisign.com> Wed, 17 July 2024 17:54 UTC

From: "Wessels, Duane" <dwessels@verisign.com>
To: Philip Homburg <pch-dnsop-5@u-1.phicoh.com>
Thread-Topic: [EXTERNAL] [DNSOP] Fwd: New Version Notification for draft-ietf-dnsop-zoneversion-10.txt
Thread-Index: AQHa2HJj6oo/GeiKCkOywgMxAmX5UQ==
Date: Wed, 17 Jul 2024 17:54:36 +0000
Message-ID: <FD3C1248-2EC5-4599-8278-066255DEC16B@verisign.com>
References: <172047613820.448901.257008321714722865@dt-datatracker-5f88556585-j5r2h> <ABA9F522-FCF4-40CB-817D-B230E09BB23F@verisign.com> <m1sTdpf-0000LYC@stereo.hq.phicoh.net>
In-Reply-To: <m1sTdpf-0000LYC@stereo.hq.phicoh.net>
CC: "dnsop@ietf.org" <dnsop@ietf.org>
Subject: [DNSOP] Re: Fwd: New Version Notification for draft-ietf-dnsop-zoneversion-10.txt
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/brSmbCEFV4LrhvDw2gW1UPpRSSY>

Hi Philip, thanks for the feedback.

> On Jul 16, 2024, at 1:46 AM, Philip Homburg <pch-dnsop-5@u-1.phicoh.com> wrote:
> 
>> the changes from draft-ietf-dnsop-zoneversion-09 to -10 address or
>> incorporate the following points recently raised:
> 
> Sorry for the late response. I didn't pay much attention to the actual
> wording of the draft while it was informational.
> 
> I think it would be good to add two sentences to the introduction. The first
> is the following:
> 
> If a DNS zone has no meaningful SOA Serial number then the
> SOA-SERIAL ZONEVERSION option SHOULD NOT be returned in a reply.

I’m not sure about this.  Since every zone will have a SOA record,
and every SOA record will have a serial value, I suppose the question
becomes whether or not a serial number is “meaningful”.  I don’t know
how a name server would determine meaningfulness.  

What would be the harm in returning a SOA-SERIAL zone version if it
were not supposedly meaningful?  A user/client can see the value by
querying SOA directly.

Note also that a name server can always choose to not honor a client’s
request for zone version info, as per section 3.2 item (d).


> 
> This can be inserted right before 'To accommodate these use cases, new
> ZONEVERSION types could be defined in future specifications.'
> 
> The second addition:
> 
> The ZONEVERSION option as defined in this draft SHOULD NOT be used by
> recursive resolvers, client-side forwarders, etc. to decide when to flush
> a cache or otherwise how long to cache data.

I’m okay with something like this, but can you provide any more text about
why they should not use zone version data in caching decisions?

DW