Re: [DNSOP] Call for Adoption: draft-ogud-dnsop-acl-metaqueries

Florian Weimer <fw@deneb.enyo.de> Sat, 14 March 2015 20:34 UTC

* Tim Wicinski:

> This starts a Call for Adoption for draft-ogud-dnsop-acl-metaqueries
>
> The draft is available here:
> https://datatracker.ietf.org/doc/draft-ogud-dnsop-acl-metaqueries/

No real comments on adoptions below, just some technical issues.

Is there a definition now of what constitutes a meta-query or a meta
type?

Anyway, this draft makes it valid to respond to unknown RR types
in queries with NOTIMP instead of NODATA or NXDOMAIN.  Do we want
that?  (Authoritative servers with this behavior have seen some
deployment.)

NOTIMP is a poor choice for an ACL mechanism because most existing
recursive resolvers will not cache it *and* will treat it as a hint to
try another upstream server.

The draft should be clearer about how to “suppress” a query.
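
The caching concern raised in the message above, as an added example that is not part of the original post: a toy resolver model that counts upstream queries when every authoritative server answers a repeated query with NODATA versus NOTIMP. All names, the query type label, the TTL and the SERVFAIL fallback are constructed assumptions; real resolvers vary.

```python
from dataclasses import dataclass, field

NODATA, NOTIMP, SERVFAIL = "NODATA", "NOTIMP", "SERVFAIL"


@dataclass
class ToyResolver:
    """Simplified recursive resolver (a model, not any real implementation).

    It negative-caches NODATA, but does not cache NOTIMP and instead
    moves on to the next authoritative server, as the message describes.
    """
    upstreams: dict                     # server name -> rcode it returns
    negative_ttl: int = 300             # constructed value, in seconds
    cache: dict = field(default_factory=dict)  # (qname, qtype) -> expiry
    upstream_queries: int = 0

    def resolve(self, qname, qtype, now):
        key = (qname.lower(), qtype)
        if self.cache.get(key, 0) > now:
            return NODATA               # served from the negative cache
        for _server, rcode in self.upstreams.items():
            self.upstream_queries += 1
            if rcode == NODATA:
                self.cache[key] = now + self.negative_ttl
                return NODATA
            # NOTIMP: nothing is cached, try the next server
        return SERVFAIL                 # assumed result when all servers refuse


def upstream_load(rcode, servers=3, client_queries=10):
    """Count upstream queries caused by repeating one client query."""
    names = {f"ns{i}.example.": rcode for i in range(1, servers + 1)}
    resolver = ToyResolver(names)
    for second in range(client_queries):
        # "META-TYPE" is a constructed label, not a real RR type
        resolver.resolve("example.", "META-TYPE", now=second)
    return resolver.upstream_queries


if __name__ == "__main__":
    for rcode in (NODATA, NOTIMP):
        print(rcode, upstream_load(rcode))
```

In this model the NOTIMP policy multiplies authoritative load by the number of servers for every client query, which is the opposite of what an ACL mechanism is meant to achieve.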