Re: [DNSOP] BULK RR as optional feature
Evan Hunt <each@isc.org> Wed, 29 March 2017 04:03 UTC
Return-Path: <each@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 88C83127058 for <dnsop@ietfa.amsl.com>; Tue, 28 Mar 2017 21:03:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.901
X-Spam-Level:
X-Spam-Status: No, score=-6.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1UgfHwzv4vJa for <dnsop@ietfa.amsl.com>; Tue, 28 Mar 2017 21:03:44 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [149.20.64.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D0AF21292AE for <dnsop@ietf.org>; Tue, 28 Mar 2017 21:03:43 -0700 (PDT)
Received: from bikeshed.isc.org (bikeshed.isc.org [149.20.48.19]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx.pao1.isc.org (Postfix) with ESMTPS id DBA2D34930F; Wed, 29 Mar 2017 04:03:41 +0000 (UTC)
Received: by bikeshed.isc.org (Postfix, from userid 10292) id C911B216C1C; Wed, 29 Mar 2017 04:03:41 +0000 (UTC)
Date: Wed, 29 Mar 2017 04:03:41 +0000
From: Evan Hunt <each@isc.org>
To: John R Levine <johnl@taugh.com>
Cc: "dnsop@ietf.org" <dnsop@ietf.org>
Message-ID: <20170329040341.GA27262@isc.org>
References: <20170328183156.2467.qmail@ary.lan> <20170328205151.GB23312@isc.org> <A05B583C828C614EBAD1DA920D92866BD0717CFC@PODCWMBXEX501.ctl.intranet> <20170329021935.GA25314@isc.org> <alpine.OSX.2.20.1703282245500.4804@ary.local>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <alpine.OSX.2.20.1703282245500.4804@ary.local>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/g8jZoCGGx3ZHA3-dnKrDqoOvZ2k>
Subject: Re: [DNSOP] BULK RR as optional feature
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Mar 2017 04:03:45 -0000
On Tue, Mar 28, 2017 at 10:47:02PM -0500, John R Levine wrote: > That's exactly the problem -- a server that doesn't handle BULK will > return the wrong answer. It might return the BULK record itself or > NXDOMAIN for an address that BULK would synthesize. And, if the zone is signed, it'll be provably wrong. I don't think it's enough to handwave the problem as "not of great concern". At least, please add some operational advice that BULK is not to be deployed in any domain unless all auth servers for that domain fully implement it. -- Evan Hunt -- each@isc.org Internet Systems Consortium, Inc.
- [DNSOP] BULK RR as optional feature John Levine
- Re: [DNSOP] BULK RR as optional feature Evan Hunt
- Re: [DNSOP] BULK RR as optional feature John R Levine
- Re: [DNSOP] BULK RR as optional feature Evan Hunt
- Re: [DNSOP] BULK RR as optional feature John R Levine
- Re: [DNSOP] BULK RR as optional feature Donald Eastlake
- Re: [DNSOP] BULK RR as optional feature Woodworth, John R
- Re: [DNSOP] BULK RR as optional feature Paul Vixie
- Re: [DNSOP] BULK RR as optional feature Woodworth, John R
- Re: [DNSOP] BULK RR as optional feature Evan Hunt
- Re: [DNSOP] BULK RR as optional feature Woodworth, John R
- Re: [DNSOP] BULK RR as optional feature John R Levine
- Re: [DNSOP] BULK RR as optional feature Evan Hunt
- Re: [DNSOP] BULK RR as optional feature Woodworth, John R
- Re: [DNSOP] BULK RR as optional feature Woodworth, John R
- Re: [DNSOP] BULK RR as optional feature Evan Hunt
- Re: [DNSOP] BULK RR as optional feature Tony Finch
- Re: [DNSOP] BULK RR as optional feature Tony Finch
- Re: [DNSOP] BULK RR as optional feature John R Levine
- Re: [DNSOP] BULK RR as optional feature John R Levine
- Re: [DNSOP] BULK RR as optional feature Woodworth, John R
- Re: [DNSOP] BULK RR as optional feature Evan Hunt
- Re: [DNSOP] BULK RR as optional feature Woodworth, John R
- Re: [DNSOP] BULK RR as optional feature John R Levine
- Re: [DNSOP] BULK RR as optional feature Bob Harold
- Re: [DNSOP] BULK RR as optional feature Woodworth, John R