Re: [DNSOP] draft-ietf-dnsop-rfc7816bis: hopefully ready for WG Last Call

Tony Finch <> Wed, 14 October 2020 18:15 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B1C033A0FC0 for <>; Wed, 14 Oct 2020 11:15:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id T_g0fQs6cu4J for <>; Wed, 14 Oct 2020 11:15:13 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 1E4603A0B5F for <>; Wed, 14 Oct 2020 11:15:12 -0700 (PDT)
X-Cam-AntiVirus: no malware found
Received: from ([]:49370) by ( []:25) with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) id 1kSlIs-000s2e-gF (Exim 4.92.3) (return-path <>); Wed, 14 Oct 2020 19:15:10 +0100
Date: Wed, 14 Oct 2020 19:15:10 +0100
From: Tony Finch <>
To: Paul Hoffman <>
cc: dnsop <>
In-Reply-To: <>
Message-ID: <>
References: <>
User-Agent: Alpine 2.20 (DEB 67 2015-01-07)
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Archived-At: <>
Subject: Re: [DNSOP] draft-ietf-dnsop-rfc7816bis: hopefully ready for WG Last Call
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 14 Oct 2020 18:15:15 -0000

A few questions and suggestions:

Section 3, algorithm step 5: what is a "hidden QTYPE"?

Also step 5, a NOERROR answer can be positive or negative, so I think it
should be made clear that this is about a non-NXDOMAIN negative cache
entry. (RFC 2308 calls these "NODATA".)

Step 6, what is the "minimised QTYPE"? The term is defined by implication
in section 2, but a reader can't find the definition by searching for the

Step 6b, again NOERROR can be positive or negative. I think either this
needs to be more specific, or it should explicitly say it covers both

Step 6c, CHILD might not be the full original QNAME at this point, so it's
only correct to stop on NXDOMAIN here if the resolver is doing RFC 8020
strict NXDOMAIN.

Editorial suggestion: the wall of text in section 2 could do with some
subheadings or bullet points. It would be helpful to make a more clear
separation between rationale/discussion and normative text.

I'm not a fan of the term "aggressive" since it sounds unpleasantly
fighty. And I'm not sure how it helps a reader to understand this draft:
AIUI angry vs friendly is supposed to be about the QTYPE used for
truncated query names; the algorithm in section 3 does not depend on this
choice, so I don't know why it is specifically the nasty algorithm. And
section 2 seems to imply the existence of a nice algorithm but there isn't
a specification of it. And why is the choice of QTYPE emotional, but the
number of labels to add is not?

Both section 5 and section 6 seem to be about performance, the problems
and possible benefits, but only the possible benefits count as performance
considerations. I think the question of how many labels to add on each
iteration should be a core part of QNAME minimization, described in
section 2.

(I keep expecting the Oxford spelling "minimize"...)

f.anthony.n.finch  <>
Fitzroy: Northerly or northeasterly 3 to 5, becoming variable 4 or less in
west, then southerly 5 or 6 in northwest. Moderate, occasionally rough at
first in northeast. Showers. Good.