Re: [DNSOP] RFC 1035 vs. mandatory NS at apex?

Kevin Darcy <kevin.darcy@fcagroup.com> Thu, 07 February 2019 13:54 UTC

Return-Path: <kevin.darcy@fcagroup.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 05CBE124BE5 for <dnsop@ietfa.amsl.com>; Thu, 7 Feb 2019 05:54:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.041
X-Spam-Level:
X-Spam-Status: No, score=-2.041 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.142, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fcagroup-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ezW64Un8BzAw for <dnsop@ietfa.amsl.com>; Thu, 7 Feb 2019 05:54:06 -0800 (PST)
Received: from mail-it1-x136.google.com (mail-it1-x136.google.com [IPv6:2607:f8b0:4864:20::136]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 240A2123FFD for <dnsop@ietf.org>; Thu, 7 Feb 2019 05:54:06 -0800 (PST)
Received: by mail-it1-x136.google.com with SMTP id m62so14884946ith.5 for <dnsop@ietf.org>; Thu, 07 Feb 2019 05:54:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fcagroup-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=OHAQ7pWbAvGItQ7w/HjonWH38h0GVK9sNnB+IQrlJIw=; b=1PCDKWmeniT5yd/F8ZY08XnlAxRrAcq0AoPmPlp+CBVks9S8Hd45OKHQxroES+nd7+ aeyBaWhucOUHWuOq726l082FSikOKyUM6Rd++Emka33/v3S5r5sWTKJFYZVMxcQcvA8Y BW4pwaN1zBR8QdeScv9ybTp1GLL3UVGeuhSSY0EO9GORr32lB2nZ1PM1gyXeuWZK/86X vfVobRfPADtYuAnRySZDlXqYUXgc5gnJg52mWEnaP2mj6ymw/rGZQtzSdBlE8suy1Gln K5KATv06lWCGtyE8hHa6l63M4Sb0GiK6VFNjR2kBApMxKpjLlfzq40mH4jyvAqsrsysz QA9g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=OHAQ7pWbAvGItQ7w/HjonWH38h0GVK9sNnB+IQrlJIw=; b=i1b193yyHHbHk6FOgXBbs7ewnFUIV7qc/uq27wCPk0rsBblD1UkdvsBAk5GyBDspXp HC5l0nBX+/9h3oqJfxoPf9Eky7Vf/8RGWePl+cMcMbOBAk7yTSqvpHLfpC+lzAfLEU+n DueIM4l7XBIk5BTBnOiiiiSNusyyVaHxEd1egUtZKN2CF3qtwy93uIwywGHcYlDolfGe bQcVWOROd/CFk2M9gwvasmiu90s/dMSAjw6FK/SkggBVZUKpCrykxKxVV1p7zxStQhCS maTDXWSsagtAXdHofXtjBYKb+lN5J5xzoiryPZorHr5cOVPD7L34/rhxtiM7Upx+eJaE PPFQ==
X-Gm-Message-State: AHQUAubBmF+jbGdu1Q9kijYO2swQ2i47sPq6y6BqKJ8MC35inIzllfWI RI8fgQcyJ3XnKRMNkffNbdzQJAW8XGEUmzXia7BNHjs4Nfhagw==
X-Google-Smtp-Source: AHgI3IYzyNLXHmbE2jjcT6ghZ0XaC+r9jbIdTxPzi4jiFA1EDR4hPCn/JGCqzb9QC9pCSqaXe9ZXbguxP+oLji/np/A=
X-Received: by 2002:a24:5651:: with SMTP id o78mr4877386itb.157.1549547645003; Thu, 07 Feb 2019 05:54:05 -0800 (PST)
MIME-Version: 1.0
References: <fcd790a2-414b-491e-01e2-9aa92f7b1c4e@nic.cz>
In-Reply-To: <fcd790a2-414b-491e-01e2-9aa92f7b1c4e@nic.cz>
From: Kevin Darcy <kevin.darcy@fcagroup.com>
Date: Thu, 7 Feb 2019 08:53:54 -0500
Message-ID: <CAAeHe+xySnrvpD4-nhi3T0qiEmz8h0ZNUE_2kie7ctq8YPGRPA@mail.gmail.com>
To: "dnsop@ietf.org" <dnsop@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f1a5c105814e2cd8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/ipwko314FenUxrdzMl5vcick9wQ>
Subject: Re: [DNSOP] RFC 1035 vs. mandatory NS at apex?
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Feb 2019 13:54:08 -0000

The "apex" terminology didn't come into vogue until later. Prior to that,
people talked about the "top" of a zone.

RFC 1034 Section 4.2.1 lays this out:

"In the data that makes up a zone, NS RRs are found at the top node of the
zone (and are authoritative)".

Admittedly "are found" doesn't sound to modern ears (or look to modern
eyes) like a mandatory requirement. That's another thing that's changed
over the years: RFC 2026 was yet to be published, which tightened up the
requirement levels and how to signal them textually. When looking at
pre-RFC-2026 RFC's, one has to exercise some judgement of whether verbiage
describing "typical" or "normal" situations is actually normative, perhaps
even mandatory..


                             - Kevin

On Thu, Feb 7, 2019 at 7:16 AM Petr Špaček <petr.spacek@nic.cz> wrote:

> Hello dnsop,
>
> here is a quiz for experienced RFC archeologists:
>
> https://tools.ietf.org/html/rfc1035#section-5.2
> section 5.2. Use of master files to define zones
> does not mention NS at apex at all, but it does explicitly mention SOA
> at apex. Can it be interpreted as if NS at apex is not mandatory?
>
> Funnily enough
> https://tools.ietf.org/html/rfc1035#section-5.3
> has an example which as NS at apex, but it is not clear from the text
> above.
>
> Is it mandatory or not? Should I submit erratum for RFC 1035?
>
> Thank you for clarification.
>
> --
> Petr Špaček  @  CZ.NIC
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
>