Re: [DNSOP] Fwd: New Version Notification for draft-ogud-dnsop-any-notimp-00.txt

Tony Finch <fanf2@cam.ac.uk> Sat, 07 March 2015 21:04 UTC

To: Paul Vixie <paul@redbarn.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/iFVwro4GaMxevnZTAseRpx7pdfk>
Cc: Olafur Gudmundsson <olafur@cloudflare.com>, "dnsop@ietf.org" <dnsop@ietf.org>, Ralf Weber <dns@fl1ger.de>


> On 6 Mar 2015, at 22:53, Paul Vixie <paul@redbarn.org> wrote:
> 
>>> if you want to change how DNSSEC works, i'll listen. but there's no
>>> reasonable interpretation of past or current specifications by which
>>> QTYPE=RRSIG can be categorized a "meta-query". (unlike
>>> QTYPE=ANY/IXFR/AXFR, or RD=0 when speaking to a recursive-only server.)
>> I never said that RRSIG is a meta query. I said that implementing RRSIG
>> is as hard as implementing ANY with regard to the aspect that you have
>> to use/look for more than one query type, which is different from
>> all other query types.
> 
> i see. so, are you proposing to change the way DNSSEC works, or not?

I think Ralf is right that QTYPE=RRSIG is weird just like ANY, in that it is asking for (part of) all? any? RRsets at a given owner name. I wonder how caches handle it...

Since DNSSEC does not use or need QTYPE=RRSIG, I do not see how deprecating it would require any changes to DNSSEC.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at
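
Added example, not part of the original message or of any DNS implementation: a simplified Python model of the point discussed in this thread, that QTYPE=RRSIG, like ANY, has to span every RRset at an owner name, and of what a cache holding only some of those RRsets could return. The names `ZONE`, `answer` and `cache_after`, the zone data, and the per-RRset cache model are all assumptions made for illustration.

```python
# Constructed toy data: RRsets stored per (owner, type), each paired with
# the signature that covers it. Not taken from any real zone or server.
ANY, RRSIG = "ANY", "RRSIG"

ZONE = {
    ("example.", "A"):   {"rdata": ["192.0.2.1"], "sig": "sig-over-A"},
    ("example.", "MX"):  {"rdata": ["10 mail.example."], "sig": "sig-over-MX"},
    ("example.", "TXT"): {"rdata": ["constructed"], "sig": "sig-over-TXT"},
}


def answer(store, owner, qtype):
    """Return (records, rrsets_examined) for one query against `store`."""
    if qtype not in (ANY, RRSIG):
        # Ordinary QTYPE: a single keyed lookup, at most one RRset matches.
        rrset = store.get((owner, qtype))
        return (list(rrset["rdata"]) if rrset else []), 1
    # ANY and RRSIG both have to walk every RRset at the owner name.
    matches = [(t, rr) for (o, t), rr in store.items() if o == owner]
    if qtype == ANY:
        records = [r for _, rr in matches for r in rr["rdata"]]
    else:
        # One signature per covered type: the answer is a slice of each RRset.
        records = [(t, rr["sig"]) for t, rr in matches]
    return records, len(matches)


def cache_after(queries):
    """Hypothetical cache: holds only the RRsets that were already looked up."""
    return {(o, t): ZONE[(o, t)] for o, t in queries if (o, t) in ZONE}


if __name__ == "__main__":
    print("authoritative A    :", answer(ZONE, "example.", "A"))
    print("authoritative RRSIG:", answer(ZONE, "example.", RRSIG))
    # A cache that has only seen the A lookup can answer RRSIG only partially.
    partial = cache_after([("example.", "A")])
    print("cached RRSIG       :", answer(partial, "example.", RRSIG))
```

In this model the cached RRSIG answer lists only the signature over the A RRset, while the authoritative answer lists three, which is the same incompleteness a cache-served ANY answer would have.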