Re: [DNSOP] Definition of QNAME (Was: I-D Action: draft-ietf-dnsop-terminology-bis-06.txt

"Peter van Dijk" <peter.van.dijk@powerdns.com> Thu, 21 September 2017 17:26 UTC

Return-Path: <peter.van.dijk@powerdns.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85977126E64 for <dnsop@ietfa.amsl.com>; Thu, 21 Sep 2017 10:26:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3Jn_gDVA6LEe for <dnsop@ietfa.amsl.com>; Thu, 21 Sep 2017 10:26:48 -0700 (PDT)
Received: from mx2.open-xchange.com (alcatraz.open-xchange.com [87.191.39.187]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5009B126C0F for <dnsop@ietf.org>; Thu, 21 Sep 2017 10:26:48 -0700 (PDT)
Received: by mx2.open-xchange.com (Postfix, from userid 1001) id 62EE36A3A6; Thu, 21 Sep 2017 19:26:46 +0200 (CEST)
Received: from localhost (localhost.localdomain [127.0.0.1]) by mx2.open-xchange.com (Postfix) with ESMTP id 24FCA6A33A; Thu, 21 Sep 2017 19:26:39 +0200 (CEST)
Received: from [127.0.0.1] (helo=mx2.open-xchange.com) by localhost with ESMTP (eXpurgate 4.1.8) (envelope-from <peter.van.dijk@powerdns.com>) id 59c3f64e-034f-7f000001272a-7f000001a71d-1 for <multiple-recipients>; Thu, 21 Sep 2017 19:26:38 +0200
Received: from open-xchange.com (imap.open-xchange.com [10.20.30.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx2.open-xchange.com (Postfix) with ESMTPS id C52486A330; Thu, 21 Sep 2017 19:26:38 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1]) by open-xchange.com (Postfix) with ESMTP id B76283C19DF; Thu, 21 Sep 2017 19:26:38 +0200 (CEST)
Received: from open-xchange.com ([127.0.0.1]) by localhost (imap.open-xchange.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 51m5A1MTkaHM; Thu, 21 Sep 2017 19:26:38 +0200 (CEST)
Received: from [10.242.2.24] (095-096-086-198.static.chello.nl [95.96.86.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by open-xchange.com (Postfix) with ESMTPSA id 9A4C43C0ACA; Thu, 21 Sep 2017 19:26:38 +0200 (CEST)
From: "Peter van Dijk" <peter.van.dijk@powerdns.com>
To: dnsop@ietf.org
Date: Thu, 21 Sep 2017 19:26:37 +0200
Message-ID: <5D87C9A8-1B89-4EA2-BC6D-09B4AFDE0111@powerdns.com>
In-Reply-To: <20170921160115.GA20526@isc.org>
References: <149894524329.526.18431408698564464455@ietfa.amsl.com> <20170824142147.lshdlmjv62nojd32@nic.fr> <20170921034533.d2isi2idl7cyepea@mx4.yitter.info> <8FD138C0-3D99-42E6-8EB2-97C5FA2F0C80@powerdns.com> <20170921160115.GA20526@isc.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
X-Mailer: MailMate (1.9.7r5418)
Content-Transfer-Encoding: quoted-printable
X-purgate-ID: 151428::1506014799-0000034F-074720EE/0/0
X-purgate-type: clean
X-purgate-size: 1972
X-purgate-Ad: Categorized by eleven eXpurgate (R) http://www.eleven.de
X-purgate: This mail is considered clean (visit http://www.eleven.de for further information)
X-purgate: clean
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/pdbmwjryV41dHamJsySENX8_2ZI>
Subject: Re: [DNSOP] Definition of QNAME (Was: I-D Action: draft-ietf-dnsop-terminology-bis-06.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Sep 2017 17:26:51 -0000

Hello,

On 21 Sep 2017, at 18:01, Evan Hunt wrote:

> On Thu, Sep 21, 2017 at 02:20:15PM +0200, Peter van Dijk wrote:
>> thank you for this, I like it a lot. One nit below.
>
> Me too, with another nit...
>
>>>       This creates a kind of confusion, however, because the answer 
>>> to a
>>>       query that results in CNAME processing contains in the echoed
>>>       Question Section one QNAME (the name in the original query), 
>>> and a
>>>       second QNAME that is in the data field of the last CNAME.  The
>
> Why only the "last CNAME?" If a chain contains more than one CNAME, 
> the
> answer includes intermediate names as well:
>
> ;; ANSWER SECTION:
> www.paypal.com.         5       IN      CNAME   
> geo.paypal.com.akadns.net.
> geo.paypal.com.akadns.net. 5    IN      CNAME   
> wlb.paypal.com.akadns.net.
> wlb.paypal.com.akadns.net. 5    IN      CNAME   
> www.paypal.com.edgekey.net.
> www.paypal.com.edgekey.NET. 5   IN      CNAME   
> e3694.a.akamaiedge.net.
> e3694.a.akamaiedge.net. 5       IN      A       104.91.181.63

That’s a very good point. If any of these CNAMEs are synthesised from 
wildcards, and DNSSEC is in play, then the use of QNAME in RFC5155 (and 
presumably also the NSEC equivalent) demands that each step of this 
chain is the QNAME at some point.

> If it's necessary to have a specific term that only refers to the 
> *last*
> name, perhaps "QNAME (final)" would be a better choice for that.

+1 - with the caveat that the definition needs to decide if it applies 
when the chain does not end (a loop, or a failure). Is that ‘final’? 
‘effective’?’ ‘intermediate’? Perhaps the right division is 
original+intermediate+final, dropping effective in favour of the 
intermediate+final division.

Kind regards,
-- 
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/